rdelrosario
 asked on

2 domains over VPN

We have DOMAINA, which is in a company we acquired. All their users and servers join that local domain. At headquarters (HQDOMAIN) we require the acquired company's users to join our HQDOMAIN. How can we configure the relationship between the two domains so that they can still join HQDOMAIN while continuing to use DOMAINA for their servers? Their SQL environment and file servers are all required to be part of this DOMAINA. All NTFS permissions defined in DOMAINA will go away if their local users JOIN the HQDOMAIN.

I'm sure this is a common scenario when companies are bought and merged. I'm not sure if we can mess with the forest or things at that level. Trusts can be created, but I don't think that solves much. Can anyone direct me to common solutions to this? One company buying up other smaller companies, and how AD becomes an issue with local applications/servers.

BTW, we currently have a site-to-site VPN set up and running, so we have complete bidirectional communication. Just need options for handling domains.

Tags: Active Directory, VPN, Windows Networking

Last Comment
Michael Machie

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
Michael Machie

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
rdelrosario

ASKER
Thanks for the info. We've thrown around the trust scenario; I don't believe we will be able to gracefully merge/migrate their AD accounts in DOMAINA to HQDOMAIN. We will be creating NEW accounts for them on HQDOMAIN, but again not migrating\merging them to HQDOMAIN. We will likely let them stay on their DOMAINA so their local admins can continue managing NTFS permissions and their SQL farm will operate without downtime.

However, what is the best way to allow them to change their passwords on the HQDOMAIN? Again, we have a site-to-site VPN, but unless they log on to/join the HQDOMAIN, what are the ways their users can change their passwords every 90 days (also reminders of password expirations)?
SOLUTION
Michael Machie

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
younghv

I've requested that this question be deleted for the following reason:

Not enough information to confirm an answer.
Michael Machie

I disagree with closing this question without assigning points. All the correct and proper info has been given, and I have even offered to provide a script for the second part of this question. The issue here is the Author is not providing an update. If you require proof that these are correct answers, such as by external links that are not allowed by EE, then please say so to validate the answer and award points.

I do not believe any Expert's hard work and information-sharing should be rewarded with a deletion. This type of action discourages me, and I am positive it discourages other experts, to the point of not wanting to participate when half the questions I spend my time helping on and they get deleted because no update from the Author has been given in a Moderator-defined time frame, which is not consistent from moderator to moderator.