Sahrepoint 2007 - 2 domains - only one access

Hi experts

I have a sharepoint farm running in a domain A

recently  the user's computer have been migrated to a new domain B (trusted domain in the same forest).
so, the users have to access to their computer with the domain B account and when try to access to a sharepoint's web have to put again with the credentials of domain A

now, my question is....is there any way for single sign on? I would like the user only have to log in once, when starts his computer in the domain B.

thanks in advance.
jmatarranzAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

dipopoCommented:
You have 2 options either:

1. Extend the application and make the new zone use the new domain for authentication.
2. ADFS Trust between the 2 domains

http://technet.microsoft.com/en-us/library/cc261698(v=office.14).aspx
http://blog.msresource.net/2011/06/23/active-directory-federation-services-ad-fs-2-0-and-multiple-ad-ds-forests/
0
jmatarranzAuthor Commented:
what do you recomend me as more easier and with less impact in a productive enviroment?
0
Rainer JeschorCommented:
Hi,
as you use MOSS 2007, there might be no ADFS support.
But what you can do is simply running STSADM command:
STSADM -o migrateuser -oldlogin olddomain\userx -newlogin newdomain\userx

Open in new window


http://technet.microsoft.com/en-us/library/cc262141%28v=office.12%29.aspx

HTH
Rainer
0
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

jmatarranzAuthor Commented:
http://msdn.microsoft.com/en-us/library/bb897402.aspx

in this article seems that ADFS is compatible with sharepoint 2007, isn't it?

with STSADM we would have only 1 domain login, wouldn't it? we want to mantain the 2 login domains but integrating with only the windows login.
0
dipopoCommented:
oldlogin command will not work, it is not a situation where the User and the SharePoint had been moved to a new domain, just the user had been moved, so how will User in domain B authenticate with SharePoint in domain A.

The simplest in my view is:

Extend the application and make the new zone use the new domain for authentication. Straight forward approach
0
Rainer JeschorCommented:
Hi,
@dipopo: STSADM migrateuser should work as jmatarranz mentioned that they have a trust, hence both domains should be able to be resolved and authenticated.
And by simply creating a new web app with new domain authentication means that each and every permission configuration has to be done again / twice.

@jmatarranz: you are right - ADFS is possible with MOSS 2007.
In regards to the users: with STSADM migrateuser you will simply exchange the user identities, so that the users can / have to use their new domain logins to logon to your SharePoint site, but their old domain accounts still exist in AD.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Justin SmithSr. System EngineerCommented:
Disregard all comments except for Rainer's.  The migrateuser command is what you want - that is unless you WANT users to have two distinct logins.  If you do not, then migrate the users, which is essentially changing their login names in SharePoint.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft SharePoint

From novice to tech pro — start learning today.