Solved

Use LDAP for Windows Logon

Posted on 2011-03-01
3
1,131 Views
Last Modified: 2012-08-13
Just a curiosity that I do not feel like browsing all LDAP or Windows forums for an answer, but I am curious if it is possible to redirect the Windows login to authenticate against an LDAP server.

The situation I'm encountering is that I have users whose credentials are kept on a server that is not trusted to my site's domain controllers, but I would still like to host user data. So it is imperative that they maintain credentials on the remote server, but can still log in to machines on my domain.

Thanks in advance for any help!!
0
Comment
Question by:SUNYESF
  • 2
3 Comments
 
LVL 12

Expert Comment

by:Navdeep
ID: 35009876
Hi,

Do you mean that users are in account forest and data is in resource forest and there in no trust in between and you want user's to have access to the data in resource forest

"but can still log in to machines on my domain"
unless they have a user account on your domain they won't be able to login to your domain. However if they can access data if there is a trust relationship between the two forest.

May be you can explain more about your AD structure and requirement.
0
 

Author Comment

by:SUNYESF
ID: 35010702
Yeah, looking back that wording could've used some more coffee...

Here's the situation:
My campus (and independent network) is physically and organizationally linked to another geographically close campus. Users on campus2 utilize computers on my campus, but thus far this has been achieved through placing my computers in the campus2 domain.

However, impending changes to the policy structure of campus2 put me in a position to not want policy inheritance. So what I would like to do is pull all units accessed by users of campus2 into my domain.

I feel this would not be a problem if the authorities of campus2 would allow for a trust between our independent active directory structures, but they will not. Thus I am wondering if authentication is possible via some other method that does not require an AD trust between domain controllers or similarly controlled connection -- maybe something like LDAP.
0
 
LVL 12

Accepted Solution

by:
Navdeep earned 500 total points
ID: 35010850
if you want to use native windows functionality then you need to use forest-trust relationship, unless otherwise you get a third party app created
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This Micro Tutorial will teach you how to the overview of Microsoft Security Essentials. This is a free anti-virus software that guards your PC against viruses, spyware, worms, and other malicious software. This will be demonstrated using Windows…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now