Solved

Trying to login to 2008 DC after connecting with Sonicwall VPN client

Posted on 2013-01-02
7
224 Views
Last Modified: 2013-01-24
Not sure if there is a another workaround for this, but have a user who needs access to our remote server, they are with another company on a different windows domain.  After connecting through Sonicwall VPN client I can connect to the DC provided my laptop (which is just part of a workgroup) login/password are duplicated on the DC.  Do I need to get their login/password and then create an account on our domain to match or is there another solution.
0
Comment
Question by:Webcc
  • 3
  • 2
  • 2
7 Comments
 
LVL 4

Expert Comment

by:brokenbyte
ID: 38738977
Does this mean that your DC is also your remote server, and they are connecting to it directly?

What exactly do they need access to? There might be a better way to skin this particular cat.
0
 

Author Comment

by:Webcc
ID: 38739986
Correct.  They need to share files including a QuickBooks file.  Wish we had the budget for server just for filesharing or another computer to connect to first with RDP or LogMeIn.
0
 
LVL 12

Expert Comment

by:DLeaver
ID: 38741702
Risky to open your DC up like this but I understand the difficulties when trying to manage budgets with best practice.

The connection method you have outlined is fine, creating an account in AD such as 'contractor' and consider the permissions you assign-the bare minimum would be advisable.
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:Webcc
ID: 38741870
Has to match their local login account to the domain account - correct?
0
 
LVL 12

Accepted Solution

by:
DLeaver earned 500 total points
ID: 38741973
I see what you're trying to do, as setting it this way will trick the DC into allowing the user access without re prompting for credentials

However I don't recommend it, instead just get the user to map the network drive with the alternate credentials of the new user you have created (connect using different credentials)
0
 

Author Comment

by:Webcc
ID: 38742031
That's what I was trying to do, but would not accept alternate credentials?
0
 
LVL 4

Expert Comment

by:brokenbyte
ID: 38742386
Have you tried using the 'net use' command to map the drive?

The syntax is as follows:

NET USE
[devicename | *] [\\computername\sharename[\volume] [password | *]]
        [/USER:[domainname\]username]
        [/USER:[dotted domain name\]username]
        [/USER:[username@dotted domain name]
        [/SMARTCARD]
        [/SAVECRED]
        [[/DELETE] | [/PERSISTENT:{YES | NO}]]

so I think you'd need something like the following:

net use z: \\server\share password /USER:domainname\username

Let us know if that helps.

And are you sure that you don't have a spare PC lying around somewhere that you have have them log on to via RDP or Logmein? It's just such a risk to open your system up like you are.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now