Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Authentication across multiple domains

Posted on 2013-02-07
6
Medium Priority
?
387 Views
Last Modified: 2013-02-14
We have two separate domains, connected via VPN, and I'm wanting to authenticate on one server with users from the other domain. We're running a web server which would need to authenticate in IIS. I'm hoping this would be possible. We cannot join the domains as they are two separate legal entities.
0
Comment
Question by:andrew_2706
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 38

Expert Comment

by:Justin Smith
ID: 38865473
Is this a SharePoint question?  Is there a trust betwen the domains?  Have you talked about ADFS?
0
 

Author Comment

by:andrew_2706
ID: 38865521
We intend to install SharePoint and to also try and authenticate for that service too. I do not know how to implement a trust between the domains and have not looked at ADFS - what would you suggest?
0
 
LVL 38

Expert Comment

by:Justin Smith
ID: 38865612
If you are wanting users to authenticate with their domain credentials, you will have to create a trust between the domains (possible since you have VPN connection), or implement an ADFS solution (allows you to use internet connection between the sites).
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 

Author Comment

by:andrew_2706
ID: 38865720
That sounds like exactly what we need to do, how difficult is it to set up the trust between the two domains? we have admin access to both DC's
0
 
LVL 38

Expert Comment

by:Justin Smith
ID: 38866115
Not that hard.  Just do some Google searches.  If you have a sys admin team, it's a fairly common task that they should know how to do.
0
 
LVL 18

Accepted Solution

by:
Sarang Tinguria earned 2000 total points
ID: 38866919
Create conditional forwarders in both of your forest DNS server pointing to each other

How to Configure DNS Conditional Forwarding in Windows Server ...
www.youtube.com/watch?v=QL5oclBf4BM
http://msmvps.com/blogs/ad/archive/2008/09/05/how-to-configure-conditional-forwarders-in-windows-server-2008.aspx

Then follow below link to create trust

http://www.misdivision.com/blog/how-to-create-a-trust-in-windows-server-2008-r2
0

Featured Post

New benefit for Premium Members - Upgrade now!

Ready to get started with anonymous questions today? It's easy! Learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question