Orchestration Activities and their domains


Description

Question on Orchestration activities in domains separated instance.

Use case:

We have multiple mid servers configured in the TOP domain. Mid Server credentials are also on TOP domain. While testing everything from a TOP domain, everything works fine. There is an SR that calls AD Orchestration pack activities in a workflow. However, when a user (TOP/Domain A) tries to submit a SR for this, it will spectacularly fail. Checking on this shows that all MID servers cannot be seen.

Need clarification if MID Servers/Credentials need to be in the global domain for Orchestration activities to work? Is there a way to keep the MID Serves in TOP domain but still allow SR's in Top/DomainX the ability to work the SRs?

Cause

The parent domain can access the child domain but the child domain cannot access the parent domain. Therefore the SR in Top/DomainX will not be able to see the credentials and mid servers in TOP.

Resolution

Is there a way to keep the MID Serves in TOP domain but still allow SR's in Top/DomainX the ability to work the SRs?
R: Unfortunately, this is not possible.
The workaround is to put the mid server in global or in the specific child domain.