Solved

Use LDAP for Windows Logon

Posted on 2011-03-01
3
1,127 Views
Last Modified: 2012-08-13
Just a curiosity that I do not feel like browsing all LDAP or Windows forums for an answer, but I am curious if it is possible to redirect the Windows login to authenticate against an LDAP server.

The situation I'm encountering is that I have users whose credentials are kept on a server that is not trusted to my site's domain controllers, but I would still like to host user data. So it is imperative that they maintain credentials on the remote server, but can still log in to machines on my domain.

Thanks in advance for any help!!
0
Comment
Question by:SUNYESF
  • 2
3 Comments
 
LVL 12

Expert Comment

by:Navdeep
ID: 35009876
Hi,

Do you mean that users are in account forest and data is in resource forest and there in no trust in between and you want user's to have access to the data in resource forest

"but can still log in to machines on my domain"
unless they have a user account on your domain they won't be able to login to your domain. However if they can access data if there is a trust relationship between the two forest.

May be you can explain more about your AD structure and requirement.
0
 

Author Comment

by:SUNYESF
ID: 35010702
Yeah, looking back that wording could've used some more coffee...

Here's the situation:
My campus (and independent network) is physically and organizationally linked to another geographically close campus. Users on campus2 utilize computers on my campus, but thus far this has been achieved through placing my computers in the campus2 domain.

However, impending changes to the policy structure of campus2 put me in a position to not want policy inheritance. So what I would like to do is pull all units accessed by users of campus2 into my domain.

I feel this would not be a problem if the authorities of campus2 would allow for a trust between our independent active directory structures, but they will not. Thus I am wondering if authentication is possible via some other method that does not require an AD trust between domain controllers or similarly controlled connection -- maybe something like LDAP.
0
 
LVL 12

Accepted Solution

by:
Navdeep earned 500 total points
ID: 35010850
if you want to use native windows functionality then you need to use forest-trust relationship, unless otherwise you get a third party app created
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

[b]Ok so now I will show you how to add a user name to the description at login. [/b] First connect to your DC (Domain Controller / Active Directory Server) SET PERMISSIONS FOR SCRIPT TO UPDATE COMPUTER DESCRIPTION TO USERNAME 1. Open Active …
Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum editing capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now