jmatarranz
asked on
Sahrepoint 2007 - 2 domains - only one access
Hi experts
I have a sharepoint farm running in a domain A
recently the user's computer have been migrated to a new domain B (trusted domain in the same forest).
so, the users have to access to their computer with the domain B account and when try to access to a sharepoint's web have to put again with the credentials of domain A
now, my question is....is there any way for single sign on? I would like the user only have to log in once, when starts his computer in the domain B.
thanks in advance.
I have a sharepoint farm running in a domain A
recently the user's computer have been migrated to a new domain B (trusted domain in the same forest).
so, the users have to access to their computer with the domain B account and when try to access to a sharepoint's web have to put again with the credentials of domain A
now, my question is....is there any way for single sign on? I would like the user only have to log in once, when starts his computer in the domain B.
thanks in advance.
ASKER
what do you recomend me as more easier and with less impact in a productive enviroment?
Hi,
as you use MOSS 2007, there might be no ADFS support.
But what you can do is simply running STSADM command:
http://technet.microsoft.com/en-us/library/cc262141%28v=office.12%29.aspx
HTH
Rainer
as you use MOSS 2007, there might be no ADFS support.
But what you can do is simply running STSADM command:
STSADM -o migrateuser -oldlogin olddomain\userx -newlogin newdomain\userx
http://technet.microsoft.com/en-us/library/cc262141%28v=office.12%29.aspx
HTH
Rainer
ASKER
http://msdn.microsoft.com/ en-us/libr ary/bb8974 02.aspx
in this article seems that ADFS is compatible with sharepoint 2007, isn't it?
with STSADM we would have only 1 domain login, wouldn't it? we want to mantain the 2 login domains but integrating with only the windows login.
in this article seems that ADFS is compatible with sharepoint 2007, isn't it?
with STSADM we would have only 1 domain login, wouldn't it? we want to mantain the 2 login domains but integrating with only the windows login.
oldlogin command will not work, it is not a situation where the User and the SharePoint had been moved to a new domain, just the user had been moved, so how will User in domain B authenticate with SharePoint in domain A.
The simplest in my view is:
Extend the application and make the new zone use the new domain for authentication. Straight forward approach
The simplest in my view is:
Extend the application and make the new zone use the new domain for authentication. Straight forward approach
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Disregard all comments except for Rainer's. The migrateuser command is what you want - that is unless you WANT users to have two distinct logins. If you do not, then migrate the users, which is essentially changing their login names in SharePoint.
1. Extend the application and make the new zone use the new domain for authentication.
2. ADFS Trust between the 2 domains
http://technet.microsoft.com/en-us/library/cc261698(v=office.14).aspx
http://blog.msresource.net/2011/06/23/active-directory-federation-services-ad-fs-2-0-and-multiple-ad-ds-forests/