• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1157
  • Last Modified:

Use LDAP for Windows Logon

Just a curiosity that I do not feel like browsing all LDAP or Windows forums for an answer, but I am curious if it is possible to redirect the Windows login to authenticate against an LDAP server.

The situation I'm encountering is that I have users whose credentials are kept on a server that is not trusted to my site's domain controllers, but I would still like to host user data. So it is imperative that they maintain credentials on the remote server, but can still log in to machines on my domain.

Thanks in advance for any help!!
0
SUNYESF
Asked:
SUNYESF
  • 2
1 Solution
 
NavdeepCommented:
Hi,

Do you mean that users are in account forest and data is in resource forest and there in no trust in between and you want user's to have access to the data in resource forest

"but can still log in to machines on my domain"
unless they have a user account on your domain they won't be able to login to your domain. However if they can access data if there is a trust relationship between the two forest.

May be you can explain more about your AD structure and requirement.
0
 
SUNYESFAuthor Commented:
Yeah, looking back that wording could've used some more coffee...

Here's the situation:
My campus (and independent network) is physically and organizationally linked to another geographically close campus. Users on campus2 utilize computers on my campus, but thus far this has been achieved through placing my computers in the campus2 domain.

However, impending changes to the policy structure of campus2 put me in a position to not want policy inheritance. So what I would like to do is pull all units accessed by users of campus2 into my domain.

I feel this would not be a problem if the authorities of campus2 would allow for a trust between our independent active directory structures, but they will not. Thus I am wondering if authentication is possible via some other method that does not require an AD trust between domain controllers or similarly controlled connection -- maybe something like LDAP.
0
 
NavdeepCommented:
if you want to use native windows functionality then you need to use forest-trust relationship, unless otherwise you get a third party app created
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now