?
Solved

Mapping a Drive Across Domains

Posted on 2005-04-28
14
Medium Priority
?
3,055 Views
Last Modified: 2012-05-05
Hi,

I have a few computers that need access a network location across domains. The best solution I came up with is mapping a drive.  Maybe you have a better idea.

The computers in question will be using the login username of "Student" on the MTSD domain.  Those computers need to access the VILLAB domain with the username lets say 10.  (The username 10 is not in the MTSD domain as a user.)

If I map a drive as a different user, it works but when the computer is restarted the user is prompted for the password each time.  

Is there a way to avoid typing in a password or is there a better solution to this problem?

P.S. The network admin does not want to add users from the VILLAB domain to the MTSD domain.

Thanks
0
Comment
Question by:jdolan2587
  • 4
  • 3
  • 2
  • +3
14 Comments
 
LVL 9

Assisted Solution

by:rshooper76
rshooper76 earned 600 total points
ID: 13888008
Yuo can create a trust between the 2 domains, however the user will need to hav an account on both domains.  Without a trust, or even an account on the other domain I don't think you can avoid having to enter the username and password each time you try to map a drive.  
0
 
LVL 18

Accepted Solution

by:
luv2smile earned 400 total points
ID: 13888038
If you create a trust between the domains then users between the two domains could authenticate in the other domain. You can set either a one way or two way trust......a one way trust would be only one way....users from domain A could authenticate in domain B,, but not vice versa (depending on the direction of the trust).

With a properly setup trust, the users wouldn't have to enter their password and the admin from the other domain wouldn't have to actually add users into their domain.  
0
 
LVL 18

Expert Comment

by:luv2smile
ID: 13888058
"however the user will need to hav an account on both domains"

This is not correct. This is the whole point of a trust.....so you don't have to have accounts on both domains to authenticate.
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
LVL 8

Assisted Solution

by:kain21
kain21 earned 400 total points
ID: 13888476
you could use a login script to map the drives each time a user logs on to their computer... here's a simple vbscript that would accomplish the task...

Dim objNetwork
Dim DriveLetter, RemotePath, Username, Password
Set objNetwork = CreateObject("WScript.Network")

DriveLetter = "L:"
RemotePath = "\\computername\share"
Username = "domainname\student"
Password = "password"

objNetwork.MapNetworkDrive DriveLetter, RemotePath, False, Username, Password


simply cut and paste the code above into a file named something.vbs... ofcourse change the driveletter, remotepath, username, and password variables to match your needed values... you can then use group policy to assign this script as a login script... this would map the drive each time on login with the specified credentials rather than the default logged on users credentials... prior to assigning the script make sure you delete the existing mapped drive from the users profile to prevent a resource conflict...

0
 
LVL 2

Assisted Solution

by:pcavenue
pcavenue earned 400 total points
ID: 13889467
I would forget the vbs script and just use a batch file

login.bat containing close to the same.

net use l: \\servername\sharename /user:domainname\username password /persistent:no /y

0
 
LVL 18

Expert Comment

by:luv2smile
ID: 13889707
Of course storing a password in plain text is very unsecure and would create much more of a security risk in my opinion than in implementing a trust between the domains. Just my opinion.....
0
 
LVL 8

Expert Comment

by:kain21
ID: 13889996
I would agree with the one way trust being more secure if it were reversed... from the question it sounds like the VILLAB domain is concerned with users from the MTSD domain gaining access to his resources other than the share... this could happen if a one-way trust was to allow the VILLAB domain to trust the MTSD domain...
this would allow users of the MTSD domain to authenticate in the VILLAB domain and possibly gain access to resources...

However, if the situation were reversed and the share was located on the MTSD domain he could create a one-way trust to allow the MTSD domain to trust the VILLAB domain... he could then grant access to the share to users in the VILLAB domain and MTSD domain and the VILLAB network admin could rest assured that no users in the MTSD domain could access resources on the VILLAB domain with their MTSD credentials.... this would be the most secure method... in regards to resources on the VILLAB domain...

the way suggested through the scripts above would store the password in plain text but the VILLAB domain admin would be able to lock the account down so they would only be able to access the share and no other resources...
0
 
LVL 9

Expert Comment

by:rshooper76
ID: 13890348
I thought with a domain trust you needed an account on both domain, that with the trust if the account on domain A was also on domain B then you did not need to authenticate.  If you don't mind can you clarify this for me luv2smile.  If I was wrong here I appoligize.
0
 
LVL 6

Assisted Solution

by:Wallsy
Wallsy earned 200 total points
ID: 13893575
Also, if you don't want to automate this with a batch file or vbscript (for one or two users):

When you create the drive mapping, check the "Reconnect at logon" box and then click on the "different user name" text to access the "Connect As..." window. Type the VILLAB\10 user name in but leave the password box blank.

When you click the "Finish" button back in the "Map Network Drive" window, you will be prompted for the password, and you will also have a "Save Password" check box available. This will stop future password prompts as long as the password isn't changed.

We use this as we have a centralised logon script that won't let us create drive mappings with different credentials.

HTH,

Wallsy
0
 
LVL 8

Expert Comment

by:kain21
ID: 13893679
rshooper76,

when you create a trust between domains.... the trusting domain will allow users from the trusted domain to authenticate using their credentials (username/password)... no duplicate accounts are needed... they would simply login to the trusting domain resources with the trusted domain credentials... i.e. username: MTSD\student or student@MTSD.com....

0
 
LVL 18

Expert Comment

by:luv2smile
ID: 13895170
Kain21 provided a good explanation. For example....my domain has a trust with another domain. My users can connect to resources in the other domain without being prompted for a password and these users have no accounts on the other domain. This is why we have a trust.....so there isn't a need for 2 redudant user names and passwords
0
 

Author Comment

by:jdolan2587
ID: 13911339
Thanks for all of your comments.

I am trying with the easiest first(for me at least)  

Wallsy,  
I tried your solution and the mapping works but I didn't see the checkbox for "Save Password"   Is this a function of Windows XP?  It sounds great but I can't find the elusive checkbox.  Running Win 2000.

Thanks
0
 

Author Comment

by:jdolan2587
ID: 13962179
Thanks for all of your input.  It appears I might have to wait a little because our servers are being upgraded.  I will share the points accordingly.

Thanks again
0
 
LVL 6

Expert Comment

by:Wallsy
ID: 13966471
Hi jdolan2587,

Thanks for the points! I'm not sure about Windows 2000 - I'm on a pure XP site - but I will investigate and if I find the answer I'll let you know!

Cheers,

Wallsy
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question