• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 877
  • Last Modified:

Allow non-domain user to impersonate a domain user similar to after VPN authentication

I am a consultant who works on-site at many different client offices doing .NET coding and SQL administration.  I have my own Active Directory domain structure in place, and my clients have their own.  When I am at the client's office, using my business laptop (which is a computer on my domain, running Windows Vista Ultimate SP1), I am not able to use Windows Authentication for file shares, TFS, and SQL Server.  For file shares and TFS, I am prompted to log in as a domain user, but for SQL, I have to use a SQL login.  However, when I am at my office, and I VPN to their network (RRAS), I am now impersonating my (client) domain login.  I am able to access all resources as though I am that user, without being prompted, which makes life much easier.

My question is this: Is there a way to configure either my laptop or their network to allow me to impersonate my (client) domain login when I am physically on their network, just like when I am VPN'd in?
  • 2
1 Solution
There is, but I am not sure you want to go down that road>

You can build a domain trust, meaning their domain trusts yours. It's like a part of a domain /forest topology.

The question is, will the folks who you consult, allow you to build that trust relationship between your domain and theirs?

Other than that, you have to use their domain logon.

There is also the RUN AS command. Sounds like you are familiar with that as well.

Furthermore, you can map network drives, using credentials other than the ones you are currently logged on with. So, if you just wish to access file shares using different credentials, you can certainly create a mapped network drive to that share and tell that mapped drive you wish to use different credentials.

Please advise where you wish to go from here.
simsystemAuthor Commented:
That's what I thought.  

The domain trust route is out, as I am running SBS2003 for my domain.  Mostly it is just a hassle having the log in prompt jump up every time I open VS, SSMS, etc.  I just thought that if MS had taken the time to get it working with VPN connections, then there might be a way to access the same functionality without the VPN.  

Oh well.  Thanks for the help!
simsystemAuthor Commented:
Thanks again!

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now