Solved

Use LDAP for Windows Logon

Posted on 2011-03-01
3
1,133 Views
Last Modified: 2012-08-13
Just a curiosity that I do not feel like browsing all LDAP or Windows forums for an answer, but I am curious if it is possible to redirect the Windows login to authenticate against an LDAP server.

The situation I'm encountering is that I have users whose credentials are kept on a server that is not trusted to my site's domain controllers, but I would still like to host user data. So it is imperative that they maintain credentials on the remote server, but can still log in to machines on my domain.

Thanks in advance for any help!!
0
Comment
Question by:SUNYESF
  • 2
3 Comments
 
LVL 12

Expert Comment

by:Navdeep
ID: 35009876
Hi,

Do you mean that users are in account forest and data is in resource forest and there in no trust in between and you want user's to have access to the data in resource forest

"but can still log in to machines on my domain"
unless they have a user account on your domain they won't be able to login to your domain. However if they can access data if there is a trust relationship between the two forest.

May be you can explain more about your AD structure and requirement.
0
 

Author Comment

by:SUNYESF
ID: 35010702
Yeah, looking back that wording could've used some more coffee...

Here's the situation:
My campus (and independent network) is physically and organizationally linked to another geographically close campus. Users on campus2 utilize computers on my campus, but thus far this has been achieved through placing my computers in the campus2 domain.

However, impending changes to the policy structure of campus2 put me in a position to not want policy inheritance. So what I would like to do is pull all units accessed by users of campus2 into my domain.

I feel this would not be a problem if the authorities of campus2 would allow for a trust between our independent active directory structures, but they will not. Thus I am wondering if authentication is possible via some other method that does not require an AD trust between domain controllers or similarly controlled connection -- maybe something like LDAP.
0
 
LVL 12

Accepted Solution

by:
Navdeep earned 500 total points
ID: 35010850
if you want to use native windows functionality then you need to use forest-trust relationship, unless otherwise you get a third party app created
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum editing capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question