Link to home
Start Free TrialLog in
Avatar of eenderle
eenderleFlag for United States of America

asked on

Trust relationship between a domain and a workgroup

Hello,
         is it possible to create a trust relationship between a domain and a workgroup that are connected over vpn, we can only see the other offices computers if we do a search by name, would a trust relationship allow us to see each other and if so, how do you create this realtionship ?.
Avatar of Lee W, MVP
Lee W, MVP
Flag of United States of America image
Trust relationships are not possible with Workgroups - workgroups have nothing to trust - all systems are independent.  Trusts are between domains only.  Further, trusts are not possible with Small Business Server (if you are using that).
ASKER CERTIFIED SOLUTION
Avatar of Lee W, MVP
Lee W, MVP
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of xrok
xrok
Modify Hosts file and add Domain Computers
Avatar of sr1xxon
sr1xxon
Hi eenderle,
You can't trust a workgroup from a domain or vice versa because they are unauthenticated and thus implicitly untrusted.

eg. you need credentials to be able to print to a device configured on a domain, in the same way you need the appropriate rights to access a restricted or locked down share or directory.

If you are going to roll out a domain implementation, I recommend you implement the single master domain model.. more on this on the second link below.

with multiple domains, on the other hand, you are able to create trusts .

how to configure a trust relationship
http://www.windowsitpro.com/Article/ArticleID/13522/13522.html

the following page briefly describes each type of trust construct for windows domains with pros/cons.
http://eserver.bell.ac.uk/mirrors/win2000/pt3_3.htm#trusts


Hope this helps you!


Avatar of rshooper76
rshooper76
I would setup WINS on yor server and see if that meets your needs.
Avatar of ViRoy
ViRoy


Well, since you say you do a search for the name to browse the remote computers, im assuming theres not a large volume of computers there. Depending on the amount of computer that need to be accessed, i would use the HOSTS file and add static entries for each of the computers you access... this will require manual entry, but once completed, it can be copied to all other computers on your local network. all local computers will be able to browse remote computer names simply by typing in the computer name. the remote computers will also show up in the network neighborhood.

if theres a larger volume of computers at the remote location (30 or more), then i would suggest the WINS route.
Avatar of ViRoy
ViRoy


*CORRECTION - You want to add the static mapping to the LMHOSTS file, not HOSTS. I believe this LMHOSTS file is located in the windows system directory, by default its called LMHOSTS.SAM, you will need to rename it to just plain ol' "LMHOSTS" with no extension. open the LMHOSTS file with any text editor, examples are included and will contain all the info you need to get started.
Avatar of Paul Knight
Paul Knight
Flag of United Kingdom of Great Britain and Northern Ireland image
I have just completed a simular setup, whilst migrating to a green field system, first setup your trust relationship, then to setup a secondry DNS zone on easch domain controler and replicate the zones.  this should allow host on both sides of the network to use split DNS

fox