Solved

Auto Mapping Network Drives Across Different Domains

Posted on 2009-05-06
5
770 Views
Last Modified: 2012-05-06
I need to figure out a way to automatically map a network drive from two separate domains on the same LAN via Active Directory 2003.
Example:  I have an Active Directory user account and this user which is on an XP pro workstation needs to have the drive X automatically mapped to the web server which is not part of our company domain but is a Windows 2003 server.  What should I do to complete this process?

Thanks
0
Comment
Question by:tymccoy
  • 2
  • 2
5 Comments
 

Expert Comment

by:prabir_panda
ID: 24317330
Hi

you need to establish two way transitive trust between the domains before you map the drive using AD policies.

for the purpose the name resolution of both the ADs must be working satisfactorily. you can consider WINS or DNS for the same

 
0
 
LVL 83

Accepted Solution

by:
oBdA earned 250 total points
ID: 24317554
Sorry, prabir_panda, but that's partially overkill and partially incorrect.
A "two way transitive trust" is far from being necessary. All that is required here is a non-transitive, one-way trust in which the "webserver" domain (the "resource" domain) trusts the company domain (the "account" domain); in other words: create an outgoing trust from the "webserver" domain, and an incoming trust in the "company" domain.
The specifics are here, as seen and when running from the "company" domain:
Create a one-way, incoming, external trust for both sides of the trust
http://technet.microsoft.com/en-us/library/cc778696(WS.10).aspx

More general:
Creating External Trusts
http://technet.microsoft.com/en-us/library/cc728307(WS.10).aspx

How Domain and Forest Trusts Work
http://technet.microsoft.com/en-us/library/cc773178.aspx

And WINS has absolutely no impact in an AD trust; WINS is only used if an NT4 domain is involved on either side.
What's necessary is that both domains are able to resolve each other's names.
The easiest way to do this is usually through conditional forwarding; open the properties of your DNS server(s) on each domain, go to the Forwarders tab, and add a conditional forward to the respective other domain's DNS servers.
Then create the domain trust as described above.
0
 

Author Comment

by:tymccoy
ID: 24317617
sounds right, but not to sound like an idiot... but do you happen to have any links that gives a good explanation on how this can be done "Preferably with pretty pictures ;-) "
My company has just cut back on IT and I usually only deal with end user software installation, printers, VoIP, and IT purchases. Now the company is having work on stuff that I have not done since college where we only had Windows 2000 and NT.  
0
 

Author Comment

by:tymccoy
ID: 24317777
Thanks oBdA, sounds like I have some work cut out for me...
Hopefully one of these days I can finally sit down and actually go through the active directory training material I have at my desk
0
 
LVL 83

Expert Comment

by:oBdA
ID: 24317801
Don't even start with creating the trust until you can lookup the other domain's name without problems.
Pretty pictures for conditional forwarding are here:
DNS Conditional Forwarding in Windows Server 2003
http://www.windowsnetworking.com/articles_tutorials/DNS_Conditional_Forwarding_in_Windows_Server_2003.html

Assuming you have administrative permissions in both domains, the first link above will do it, after you've ensured mutual DNS resolution.
Again: Seen from the "company" domain, what you need is an *incoming* trust, which respectively means that this is an outgoing trust in the "webserver" domain. The webserver domain will trust the company domain.
Lesson 4. Managing Trust Relationships
http://codeidol.com/active-directory/actdir/Installing-and-Managing-Domains,-Trees,-and-Forests/Lesson4.Managing-Trust-Relationships/

Once the trust is established, you'll be able to add groups from the trusted domain either directly to resources in the webserver domain, or to add global groups from the trusted company domain to (domain) local groups in the webserver domain.
0

Featured Post

Microsoft Certification Exam 74-409

VeeamĀ® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlleā€¦
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question