Swift
asked on
Extending file services to another forest / domain users
There is a need to share AD objects, primarily files residing on an AD integrated NAS box, to our users on the Internet, and also to another set of users from one of our JV company's that runs it's own Windows 2003 Std. infrastructure. Ours is native Windows 2003 R2.
I want to avoid establishing trust between the two forests just for the sake of sharing files across which is currently accomplished by FTP transfers. What are my aternatives?
I want to avoid establishing trust between the two forests just for the sake of sharing files across which is currently accomplished by FTP transfers. What are my aternatives?
ASKER
Laura, having taken some time to read the stuff, I am a bit wary of two aspects:
1. It seems like AD FS needs to be deployed on both the forests and it rings about schema changes within AD. This is critical as I might not be able to convince our associated partners of undertaking this 'bit' risky operation on their current operational AD org.
2. AD FS over sharepoint is only available as a web interface over IIS. That means, I use browser for tranferring/sharing my files even after I deploy AD FS. Is there any other (non browser) alternative?
You mentioned that AD FS is 'non trivial' to deploy. Pls elaborate a bit more on this aspect. Does non trivial also imply 'risky'?
Thanks!!
1. It seems like AD FS needs to be deployed on both the forests and it rings about schema changes within AD. This is critical as I might not be able to convince our associated partners of undertaking this 'bit' risky operation on their current operational AD org.
2. AD FS over sharepoint is only available as a web interface over IIS. That means, I use browser for tranferring/sharing my files even after I deploy AD FS. Is there any other (non browser) alternative?
You mentioned that AD FS is 'non trivial' to deploy. Pls elaborate a bit more on this aspect. Does non trivial also imply 'risky'?
Thanks!!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Laura one last point...should I presume 'yes' to my earlier query that I would need to enable ADFS on both the forests, 'to and from' I need to share AD objects/documents!!!??
ASKER
Calling Laura...!!
Laura...Do I need to enable ADFS on both the forests across which I need to share my files/folders? Pls reply!
Laura...Do I need to enable ADFS on both the forests across which I need to share my files/folders? Pls reply!
http://support.microsoft.com/default.aspx/kb/912492
http://blogs.technet.com/adfs_documentation/archive/2007/02/16/adfs-sharepoint-server-2007-new-content-available.aspx