stealy
asked on
Cross Forest/Domain File Sharing
Hi,
We have our own single domain forest and we have a partner company that has their own forest. We would like to be able to share files with them without setting up a trust. Does anyone have any suggestions to achieve this?
We have our own single domain forest and we have a partner company that has their own forest. We would like to be able to share files with them without setting up a trust. Does anyone have any suggestions to achieve this?
MSE-dwells
I guess it depends how you want to share files, are you looking to do so through regular old Windows shares? May I also ask your reasoning for not wanting the trust relationship?
ASKER
We're concerned about the security implications of the trust. We only want the sister company to access one server and one share on that server. Regular Windws share would be the preference but any viable solution would be looked at.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
It sounds good to me but there's serious resistance to Trusts here so I'm not sure I could get it adopted. Have you any other suggestions?
You can do it through ftp which can be made to look like a regular ol' Windows folder.
You could create a user with the same name and password on either side that has very limited access to specific shares on each side of the fence and have your users use that name.
You could sync. the security principals between the two domains.
I don't believe there's an off-the-shelf federated solution for you at this point but it's been a while since I looked at the likes of ADFS.
You could create a user with the same name and password on either side that has very limited access to specific shares on each side of the fence and have your users use that name.
You could sync. the security principals between the two domains.
I don't believe there's an off-the-shelf federated solution for you at this point but it's been a while since I looked at the likes of ADFS.