?
Solved

Process running as different domain user

Posted on 2012-03-29
3
Medium Priority
?
317 Views
Last Modified: 2012-04-12
Hi all

I have following constellation:

Server0
Domain: server-domain.lan
Windows Server 2003
      With Active Directory
      Domain Controller

Server1
Domain: server-domain.lan
Windows Server 2005
      IIS Host (Application Server)


Client0
Domain: server -domain.lan

Client0 is connecting to the domain with user/password
Client0 is hosting a service (dataGetter) retrieving data through WCF from Server1, where security setting of the binding are set to:

<binding name="BasicNetTcpBinding" closeTimeout="00:10:00" openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00" maxReceivedMessageSize="2147483647">
<security mode="Transport">
<transport clientCredentialType="Windows" />
</security>
</binding>

To ensure that only specific user are allowed to use the WCF service from Server1

Now Client0 has to be moved to “client-domain.lan” and will thus not be able to get the credential, which will prohibit “dataGetter” to retrieve data.
Before making changes on the WCF-service of Server1, I would rather have the “dataGetter” process to run in a special account on the Client0. Such as, the physical machine being in the “client-domain” and the process in the “server-domain”.
Is this possible ?
0
Comment
Question by:thomasbau65
  • 2
3 Comments
 
LVL 35

Expert Comment

by:Paul MacDonald
ID: 37784123
If I understand the question correctly, a user can autheticate to server-domain from client-domain by using the format
  domain\username
along with the appropriate password for that account.  This will require the user in client-domain to autheticate separately.

The only other way I can think to do it would be set up a trust relationship between server-domain and client-domain, and allow the user from client-domain to use the service.
0
 
LVL 1

Author Comment

by:thomasbau65
ID: 37789174
Ok so one solution could be to let the AD of both domain do the trick by setting up a trust relationship between them.
Is this possible between Windows2008-Server and 2003??
Thanks for your support
0
 
LVL 35

Accepted Solution

by:
Paul MacDonald earned 2000 total points
ID: 37789210
It should work fine between 2k8 and 2k3.  As I understand it, you should only need a one-way trust.

More info:
http://technet.microsoft.com/en-us/library/cc816837(v=ws.10).aspx
http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/4520ad76-6514-4155-aa12-11b73c7b5bcc/
0

Featured Post

The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Virtualization software lets you run different versions of Windows, Ubuntu Linux and other versions of Linux all at the same time, rather than running each one directly from your computer's hard drive.
This is an update to some code that someone else posted on Experts Exchange. It is an alternate approach, I think a little easier to use, & makes sure that things like the Task Bar will update.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…

589 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question