?
Solved

Accessing resources on another network and authentication

Posted on 2013-02-05
1
Medium Priority
?
174 Views
Last Modified: 2013-02-19
I have a query about authenticating across domains for resources. I have a one way trust in place with another company. If a user authenticates on the remote network and tries to access a resource on my network do they authenticate off any of my domain controllers or are they simply handed a token when they logon to their network and seamlessly pass through onto my network and obviously when they try to access a shared resource their token is checked for permissions.
Thanks
0
Comment
Question by:Sid_F
1 Comment
 
LVL 57

Accepted Solution

by:
Mike Kline earned 2000 total points
ID: 38854671
They don't authenticate to your domain controllers, that happens on their domain controllers.  They will get a TGT and service tickets for your file server/resources

Good page here

http://technet.microsoft.com/en-us/library/cc773178(v=ws.10).aspx

The Kerberos Authentication process over domain trusts is a good overview.

Thanks

Mike
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
Native ability to set a user account password via AD GPO was removed because the passwords can be easily decrypted by any authenticated user in the domain. Microsoft recommends LAPS as a replacement and I have written an article that does something …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

601 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question