Solved

Accessing resources across Windows Server 2003 domains

Posted on 2007-03-22
5
298 Views
Last Modified: 2008-01-09
Hi all,
I've got a client with 2 Windows Server 2003 R2 domains in one physical location. These 2 domains are totally separate, and the only thing they share presently is an internet connection and an ethernet switch. My clients want users in domain A to be able to access resources on servers and workstations in domain B. The main imperative is that users in domain B should not have any access to servers or workstations in domain A. The things I guess I need:

I'm guessing that I need a one-way trust but my experience is very single-domain so I'm looking for a quick walk-through here!

Is a one-way trust truly one-way, is there NO way for domain B users to access domain A?

How do I configure permissions etc on resources in domain B so that domain A users can access the requisite resources?

Can users from domain A be given permission to log onto computers belonging to domain B?

Thanks.
0
Comment
Question by:budchawla
  • 2
  • 2
5 Comments
 
LVL 19

Accepted Solution

by:
aissim earned 500 total points
ID: 18773330
* Yes, a one-way trust is what you need. You'll want domain B to trust domain A.
* One-way is truly one way. Domain B will not be able to access domain A in any way.
* Once the trust is in place, you'll be able to configure permissions in domain B the same as always - you'll just have access to resources/accounts in domain A as well...nothing tricky. For example, if you want to modify a folder's permissions - you can select users from either domain to allow access. They're all at your fingertips.
* Yes, users from domain A will be able to log onto computers in domain B as soon as the trust is in place. On the logon screen, the 'domain' drop down field, will allow you to choose either domain
0
 
LVL 10

Author Comment

by:budchawla
ID: 18773894
I love a well structured response... thanks aissim. I'm sure everything will work as you say, but I'll leave this open till I can test it so I can come back with any queries :-)
Thanks again..
0
 
LVL 19

Expert Comment

by:aissim
ID: 18773959
Sounds good - post back if you have any questions along the way.
0
 
LVL 10

Author Comment

by:budchawla
ID: 19305397
Sorry for the delay & thanks!
0

Featured Post

Free Webinar: AWS Backup & DR

Join our upcoming webinar with experts from AWS, CloudBerry Lab, and the Town of Edgartown IT to discuss best practices for simplifying online backup management and cutting costs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
Learn about cloud computing and its benefits for small business owners.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question