[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Trust relationship between a domain and a workgroup

Posted on 2005-04-21
8
Medium Priority
?
7,553 Views
Last Modified: 2009-06-10
Hello,
         is it possible to create a trust relationship between a domain and a workgroup that are connected over vpn, we can only see the other offices computers if we do a search by name, would a trust relationship allow us to see each other and if so, how do you create this realtionship ?.
0
Comment
Question by:eenderle
8 Comments
 
LVL 97

Expert Comment

by:Lee W, MVP
ID: 13833713
Trust relationships are not possible with Workgroups - workgroups have nothing to trust - all systems are independent.  Trusts are between domains only.  Further, trusts are not possible with Small Business Server (if you are using that).
0
 
LVL 97

Accepted Solution

by:
Lee W, MVP earned 2000 total points
ID: 13833746
If you are using WINS, then the remote systems might be able to set themselves to use the WINS server of the domain.  "Seeing" all systems in Network Neighborhood is a function of the Computer Browser Service.

http://www.windowsitpro.com/Article/ArticleID/24879/24879.html
http://www.petri.co.il/what's_the_microsoft_computer_browser_service.htm
http://support.microsoft.com/kb/188001
http://support.microsoft.com/?id=188305
0
 
LVL 3

Expert Comment

by:xrok
ID: 13833848
Modify Hosts file and add Domain Computers
0
Veeam and MySQL: How to Perform Backup & Recovery

MySQL and the MariaDB variant are among the most used databases in Linux environments, and many critical applications support their data on them. Watch this recorded webinar to find out how Veeam Backup & Replication allows you to get consistent backups of MySQL databases.

 
LVL 6

Expert Comment

by:sr1xxon
ID: 13833937
Hi eenderle,
You can't trust a workgroup from a domain or vice versa because they are unauthenticated and thus implicitly untrusted.

eg. you need credentials to be able to print to a device configured on a domain, in the same way you need the appropriate rights to access a restricted or locked down share or directory.

If you are going to roll out a domain implementation, I recommend you implement the single master domain model.. more on this on the second link below.

with multiple domains, on the other hand, you are able to create trusts .

how to configure a trust relationship
http://www.windowsitpro.com/Article/ArticleID/13522/13522.html

the following page briefly describes each type of trust construct for windows domains with pros/cons.
http://eserver.bell.ac.uk/mirrors/win2000/pt3_3.htm#trusts


Hope this helps you!


0
 
LVL 9

Expert Comment

by:rshooper76
ID: 13834905
I would setup WINS on yor server and see if that meets your needs.
0
 
LVL 8

Expert Comment

by:ViRoy
ID: 13835719


Well, since you say you do a search for the name to browse the remote computers, im assuming theres not a large volume of computers there. Depending on the amount of computer that need to be accessed, i would use the HOSTS file and add static entries for each of the computers you access... this will require manual entry, but once completed, it can be copied to all other computers on your local network. all local computers will be able to browse remote computer names simply by typing in the computer name. the remote computers will also show up in the network neighborhood.

if theres a larger volume of computers at the remote location (30 or more), then i would suggest the WINS route.
0
 
LVL 8

Expert Comment

by:ViRoy
ID: 13835743


*CORRECTION - You want to add the static mapping to the LMHOSTS file, not HOSTS. I believe this LMHOSTS file is located in the windows system directory, by default its called LMHOSTS.SAM, you will need to rename it to just plain ol' "LMHOSTS" with no extension. open the LMHOSTS file with any text editor, examples are included and will contain all the info you need to get started.
0
 
LVL 7

Expert Comment

by:knightfox
ID: 13837970
I have just completed a simular setup, whilst migrating to a green field system, first setup your trust relationship, then to setup a secondry DNS zone on easch domain controler and replicate the zones.  this should allow host on both sides of the network to use split DNS

fox
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
Transferring FSMO roles is done when an admin wants to split roles between certain Domain Controllers or the Domain Controller holding the Roles has been forcefully demoted using dcpromo / forceremoval
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question