Solved

Process running as different domain user

Posted on 2012-03-29
3
311 Views
Last Modified: 2012-04-12
Hi all

I have following constellation:

Server0
Domain: server-domain.lan
Windows Server 2003
      With Active Directory
      Domain Controller

Server1
Domain: server-domain.lan
Windows Server 2005
      IIS Host (Application Server)


Client0
Domain: server -domain.lan

Client0 is connecting to the domain with user/password
Client0 is hosting a service (dataGetter) retrieving data through WCF from Server1, where security setting of the binding are set to:

<binding name="BasicNetTcpBinding" closeTimeout="00:10:00" openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00" maxReceivedMessageSize="2147483647">
<security mode="Transport">
<transport clientCredentialType="Windows" />
</security>
</binding>

To ensure that only specific user are allowed to use the WCF service from Server1

Now Client0 has to be moved to “client-domain.lan” and will thus not be able to get the credential, which will prohibit “dataGetter” to retrieve data.
Before making changes on the WCF-service of Server1, I would rather have the “dataGetter” process to run in a special account on the Client0. Such as, the physical machine being in the “client-domain” and the process in the “server-domain”.
Is this possible ?
0
Comment
Question by:thomasbau65
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 37784123
If I understand the question correctly, a user can autheticate to server-domain from client-domain by using the format
  domain\username
along with the appropriate password for that account.  This will require the user in client-domain to autheticate separately.

The only other way I can think to do it would be set up a trust relationship between server-domain and client-domain, and allow the user from client-domain to use the service.
0
 
LVL 1

Author Comment

by:thomasbau65
ID: 37789174
Ok so one solution could be to let the AD of both domain do the trick by setting up a trust relationship between them.
Is this possible between Windows2008-Server and 2003??
Thanks for your support
0
 
LVL 34

Accepted Solution

by:
Paul MacDonald earned 500 total points
ID: 37789210
It should work fine between 2k8 and 2k3.  As I understand it, you should only need a one-way trust.

More info:
http://technet.microsoft.com/en-us/library/cc816837(v=ws.10).aspx
http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/4520ad76-6514-4155-aa12-11b73c7b5bcc/
0

Featured Post

Why You Need a DevOps Toolchain

IT needs to deliver services with more agility and velocity. IT must roll out application features and innovations faster to keep up with customer demands, which is where a DevOps toolchain steps in. View the infographic to see why you need a DevOps toolchain.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Real-time is more about the business, not the technology. In day-to-day life, to make real-time decisions like buying or investing, business needs the latest information(e.g. Gold Rate/Stock Rate). Unlike traditional days, you need not wait for a fe…
No single Antivirus application (despite claims by manufacturers) will catch or protect you from all Virus / Malware or Spyware threats. That doesn't stop you from further protecting yourself however - and this article is to show you how.
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question