Link to home
Start Free TrialLog in
Avatar of Line One
Line One

asked on

synchronization of windows server accounts between different domains

If I have a Windows server domain - e.g. domain 1 and then I create another domain - domain 2 - and I have users with exactly the same name and password on both domains, is there any way I can have a user in domain 2 log in so that they have access to all the resources the same user name/password would have on domain 1 without using a trust between the two domain? I want them to access mail, folders, printing, etc just as if they had logged in with the same name password on domain 1?  Would I need net use commands and if so which ones?  If I can do this with different versions of Windows e.g. domain 1 - Windows 2000 and domain 2 Windows 2003, 2008 and 2003, NT4 and 2003, etc?  Specifically I would like to do this with Windows NT and Windows 2008 or Windows 2003. Again I want to know if this can be done without trusts.
Avatar of Brian Pierce
Brian Pierce
Flag of United Kingdom of Great Britain and Northern Ireland image

No - if they are different domains then they are different domains - the fact that they may have the same name is irrelevant.
If you want to do this then you will need to use different domain names ans create trusts
Avatar of Line One
Line One

ASKER

They will have different domain names - Domain 1 and 2 - it is the user name and password that remains the same. Can not users being logged into two domains simultaneously? I just want it so that when the user logs in to Domain 2 with a certain name/password I can map drive letters/printers  for them that are on Domain 1 so that their name and password don't have to be re-entered each time they access drive G for example which happens to be a drive they have permissions to on Domain 1.  I'm pretty sure I've seen this done. Maybe it was done with reconnect at logon?
SOLUTION
Avatar of Brian Pierce
Brian Pierce
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Would the person logging into domain 2 have to re-enter their passwords each time they use a network drive on the other domain?
I notice this note on another post - https://www.experts-exchange.com/questions/23390987/Printing-across-domains-without-trusts-in-place.html

The fellow in question says that he can print as administrator on a 2nd domain without a trust but not as a regular user.  

The Expert responds:

"You can use the administrator account because that username exists on both computers/domains."

So my administrator account would be able to access both domains in my scenario because it's the same name/password on both domains but not my users who have the same name/password on both domains?
Any comment on the link?

What is the aversion to creating a trust? Doing so, would make life much easier for what you are trying to accomplish.
So with Windows machines, if you have a local account on two servers with matching user names and passwords, you sign on as one and map to a share on the other, it should work.  Domain accounts don't work like this though.  You might be able to do this with ADFS (Federation Services) but I have never tried it, just read the marketing blips about it.  
Firebar: Exploring all available options does not necessarily mean an aversion to any one option.


BLipman:

What about the comment about the administrator account earlier in the posts? Is that because it's a local account on both servers as well as a domain account?



ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial