Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Active Directory Authentication

Posted on 2003-11-20
10
Medium Priority
?
534 Views
Last Modified: 2010-04-14
Hey everyone
Hopefully this is an easy question, and hopefully somone can give me a simple straight answer

I got 2 sites in active directory, site A and site B.

They are connected to each other using a 256K WAN link

the domain is arranged A.com and B.A.com

I am wondering, how do i force clients to authenticate to their local domains?

Cheers :-)
0
Comment
Question by:undyshelts
  • 5
  • 2
  • 2
  • +1
10 Comments
 
LVL 4

Accepted Solution

by:
chaddupuis earned 200 total points
ID: 9794647
Make sure that each domain controller is a global catalogue server. That should force the client to authenticate at the closest domain controller
0
 
LVL 10

Expert Comment

by:Justin C
ID: 9797634
If you have two domains, users authenticate to the domain their account is a part of.  If you've got one domain with two AD sites, users should authenticate to the DC in their own site first unless it is unavailable.  
0
 
LVL 6

Expert Comment

by:Casca1
ID: 9798163
Depending on the GC, of course. In order to insure your clients authenticate to the local server, a DC at each site must be configured as a GC server.
0
[Webinar] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

 
LVL 4

Expert Comment

by:chaddupuis
ID: 9800112
to add, if a DC is not configured as a global catalogue, it will not authenticate clients at all . (PERIOD)
0
 
LVL 6

Expert Comment

by:Casca1
ID: 9800413
You know, there is one thing we haven't asked about. DNS. It shouldn't be an issue, as this seems to be a straight authentication question/issue.
And while it is a little late, is there any reason for the two seperate Domains?
Just curiosity, and I realize it's really not any of my business, but with that type of setup, a single domain, with seperate sites COULD have worked, depending of course on the needs of the business.
0
 
LVL 4

Expert Comment

by:chaddupuis
ID: 9801179
If he has his domains setup this way then DNS is functioning. Also you should make sure that when you login that you specify username@b for b.a.com and username@a for a.com. This should guarantee that you are at least login into the correct domain. Now to make sure that the DC at the local site is processing the authentication request (and not a DC for the same domain at another site) you need to make sure that you have all your sites (in active directory Sites and Services) configured correctly and most importantly, like I alreadymentioned, you must have that DC specified as a globla catalogue server.
0
 
LVL 1

Author Comment

by:undyshelts
ID: 9828412
thanks chaddupuis... I asked for a simple answer and u were right on the ball.. thank you..
You didn't overwhelm me with Active Directory jargon (which is shocking because i've only stated learning AD)..

Thanks again! :-)
0
 
LVL 4

Expert Comment

by:chaddupuis
ID: 9829516
Not a Problem, how did it go by the way?
0
 
LVL 1

Author Comment

by:undyshelts
ID: 9834042
Yeah...
the question was actually for an assignment i had (going towards my qualification).
I ended up understanding how it all works and i got a very good mark for the assignment.. thanks...
0
 
LVL 4

Expert Comment

by:chaddupuis
ID: 9834456
No Problem.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
In my humble opinion (IMHO), TouchDown from Symantec is the best in class for this type of application, but Symantec has end-of-lifed it and although one can keep using it, it will no longer be supported or upgraded.  Time to look for alternatives t…
This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so. This will be demonstrated using Adobe Premiere Pro CS6.
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …
Suggested Courses

579 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question