[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Active Directory, Domain Names, and Forests

Posted on 2013-10-29
4
Medium Priority
?
282 Views
Last Modified: 2013-11-03
I have Site A = contoso.com = All users sign in.
I have Site B = Fabric.com = All users sign in.

I want All users to be able to sign in to Site A and Site B.
Ex. All the workstations and computers should allow the user to select which domain to sign in on.

Please tell me which steps i need to take to accomplish this.

Thank you.
0
Comment
Question by:Jimbo0215
4 Comments
 
LVL 22

Assisted Solution

by:CompProbSolv
CompProbSolv earned 375 total points
ID: 39610566
If there are accounts on the local computers for both users (username@contoso.com and username@fabric.com) the client OS will give you the option. If you will mention which client OS you use, more details can be provided.

Keep in mind that the two logins are considered different users and will not, by default, share the same profiles.
0
 
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 375 total points
ID: 39610582
Are you talking about 1 Forest with 2 domains? or 2 separate forests with a 2 way forest trust?

If you are talking about 1 forest with 2 domain's there are already "transitive" trusts that are created between both. When you have a user from contoso.com logging into a machine that resides in domain Fabric.com use simply need to use the UPN of the user when logging into the machine... i.e. user1@contoso.com and it should work with no issues.

If you have 2 separate forests you will need to ensure that there is a 2 way forest trust between the 2 forests to ensure connectivity.

Just remember that if the user is using remote desktop (RDP) to connect to the machines in the trusted domain or forest the users must be part of the remote desktop group on the trusting domain.

@CompProSolv there is no need to have 2 different accounts when logging into the a trusted forest.

Will.
0
 
LVL 12

Assisted Solution

by:Satish Auti
Satish Auti earned 375 total points
ID: 39610777
0
 
LVL 24

Accepted Solution

by:
Sandeshdubey earned 375 total points
ID: 39612159
You first need to create trust as auti suggested.

Checklist: Creating a forest trust
http://technet.microsoft.com/en-us/library/cc756852%28WS.10%29.aspx 

Accessing resources across forests
http://technet.microsoft.com/en-us/library/cc772808%28WS.10%29.aspx
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question