+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 17
Windows Server 2008 Thread, Connection of a laptop (W7) to many networks (AD) in Technical; Hello, A laptop (W7) was connected to a network (AD) managed by a SBS 2011; working without any problem. Then, ...
  1. #1

    Join Date
    Jul 2012
    Posts
    7
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Connection of a laptop (W7) to many networks (AD)

    Hello,


    A laptop (W7) was connected to a network (AD) managed by a SBS 2011; working without any problem.
    Then, it has been connected on another site, and joined a domain (AD managed by 2008 R2 server), without any relation with the first AD; working also without any problem.


    But, when the laptop came back to the first site, it was not possible anymore to connect it (even by writing the domain name before the username : DOMAIN1\Username).
    The server could see the PC online, but did not had authorization to access it.

    I had to connect locally (using the second domain name), and join again the domain 1 to be allowed to connect to the network.
    Is it normal ?

    Could a PC access to many different networks (AD), just by adding the domain name before the user name (if the PC has been registered into this AD in the past) ?


    Thanks in advance for your answers.

  2. #2
    tigerstar's Avatar
    Join Date
    Jun 2009
    Location
    Shropshire, UK
    Posts
    53
    Thank Post
    12
    Thanked 15 Times in 14 Posts
    Rep Power
    14
    A computer can't be a member of two different, unrelated domains. Joining a different domain revokes its access to the old one.

  3. #3

    Join Date
    Jul 2012
    Posts
    7
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    But the PC name is present in the 2 AD.


    And on XP, there was a drop-down menu below the login window, with a list of allowed domains.
    I know this drop-down menu does not exist anymore in W7, but did the ability to connect to many domains also disappeared ?

  4. #4

    Norphy's Avatar
    Join Date
    Jan 2006
    Location
    Harpenden
    Posts
    2,551
    Thank Post
    59
    Thanked 358 Times in 278 Posts
    Blog Entries
    7
    Rep Power
    131
    The account for the PC may still exist in the first domain but as soon as you join a PC to another domain, it's a member of that domain and that domain only. The sole way of getting a PC to authenticate against a separate domain is to build a trust relationship against the two domains which would be silly for just one PC.

    You can't do what you want to do unless you re-join every time you move between domains.

  5. #5

    Join Date
    Jul 2012
    Posts
    7
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Arghh....

    This implies a permanent VPN between the 2 networks ?

  6. #6

    Norphy's Avatar
    Join Date
    Jan 2006
    Location
    Harpenden
    Posts
    2,551
    Thank Post
    59
    Thanked 358 Times in 278 Posts
    Blog Entries
    7
    Rep Power
    131
    If you set up a trust relationship between the networks, yes.

    But that would be a stupid amount of work for virtually no benefit. Can't they simply use different computer on each site? If they need access to the same documents, give them an external hard drive or set up something like SkyDrive or Google docs or similar.

  7. #7

    Join Date
    Jul 2012
    Posts
    7
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    No, there is a local DB to access...

    Is it possible to establish a relationship between the domains, without VPN, and with a server being a SBS ?

  8. #8

    Norphy's Avatar
    Join Date
    Jan 2006
    Location
    Harpenden
    Posts
    2,551
    Thank Post
    59
    Thanked 358 Times in 278 Posts
    Blog Entries
    7
    Rep Power
    131
    Quite simply, no. If you must transport the machine between sites, it has to be a member of one domain or the other. That's not to say that you can't access network resources such as shares or terminal servers while at the other site but you'd have to manually authenticate using credentials from the local domain.

    I suppose the question should be, what exactly are you trying to achieve?

  9. #9

    Join Date
    Jul 2012
    Posts
    7
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    A user is fully member of site A (headquarters), where the network is managed by a SBS 2011.
    He often needs to go to site B, where the network is managed by a 2008 R2.
    There is no link between the 2 networks, and the AD are completely different and isolated.

    My user just want to be able to access the shared drives (containing an app/DB and some docs) on site B, using his laptop.

  10. #10

    Norphy's Avatar
    Join Date
    Jan 2006
    Location
    Harpenden
    Posts
    2,551
    Thank Post
    59
    Thanked 358 Times in 278 Posts
    Blog Entries
    7
    Rep Power
    131
    OK, so I take it he spends most of his time at site A and not as much at site B?

    If I were you in this scenario, on Site A I'd enable offline files on his personal area so he has a local copy of it. When he goes to site B, I'd keep the laptop as a member of site A. At site B, he'd log on to the laptop using his site A credentials. Once he gets to his Windows desktop, he'd need to manually map the shared area at site B. When mapping the drive, you'd need to check the "Connect using different credentials" box and when it asks for authentication put in his username and password for site B. You'd obviously need to get the path to the drive from whoever manages site B and you'd need to use the FQDN of the server rather than the netbios short name. This way, he has access to a cached copy of his site A stuff if he needs it and anything he wants from site B too. There's no reason why you couldn't map multiple drive letters assuming you have enough free

    Alternatively, if there's a terminal server at site B, get him to connect to that instead. It's not a pretty solution but I can't think of anything better.
    Last edited by Norphy; 10th July 2012 at 12:39 PM.

  11. #11
    tigerstar's Avatar
    Join Date
    Jun 2009
    Location
    Shropshire, UK
    Posts
    53
    Thank Post
    12
    Thanked 15 Times in 14 Posts
    Rep Power
    14
    Quote Originally Posted by Athena1390 View Post
    Is it possible to establish a relationship between the domains, without VPN, and with a server being a SBS ?
    It's not possible even with a VPN in this scenario, because SBS doesn't support domain trusts.

  12. #12

    Join Date
    Jul 2012
    Posts
    7
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    When sitting at site B, he won't need resources from site A.
    So, a script with drive mappings at site B should be sufficient.

    Thanks for all these informations.

  13. #13

    Norphy's Avatar
    Join Date
    Jan 2006
    Location
    Harpenden
    Posts
    2,551
    Thank Post
    59
    Thanked 358 Times in 278 Posts
    Blog Entries
    7
    Rep Power
    131
    There is another option which depends on how technical your user is and how powerful their computer is. You could download a copy of VirtualBox* and install a separate Windows 7 instance on it, make the virtual installation of Windows a member of the domain on Site B. It does mean your user would need to log on twice, that performance wouldn't be brilliant and you'd need to check your Windows licensing to see if it's allowed but it'd work.

    *Other virtualisation packages are available
    Last edited by Norphy; 10th July 2012 at 01:26 PM.

  14. #14

    tmcd35's Avatar
    Join Date
    Jul 2005
    Location
    Norfolk
    Posts
    5,965
    Thank Post
    894
    Thanked 983 Times in 807 Posts
    Blog Entries
    9
    Rep Power
    343
    Or, space allowing, partition the laptops hard drive and install two copies of Windows - each on a different domain. The user selects which install to use dependent on the site he's at.

  15. #15

    Norphy's Avatar
    Join Date
    Jan 2006
    Location
    Harpenden
    Posts
    2,551
    Thank Post
    59
    Thanked 358 Times in 278 Posts
    Blog Entries
    7
    Rep Power
    131
    True, that would be simpler!



SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Replies: 0
    Last Post: 2nd September 2010, 02:48 PM
  2. Connecting non RM laptops to a CC3 network
    By pbed77789 in forum Network and Classroom Management
    Replies: 26
    Last Post: 16th June 2010, 03:18 PM
  3. Laptop wont connect to wifi network
    By cjw1903 in forum Network and Classroom Management
    Replies: 11
    Last Post: 6th November 2009, 03:47 PM
  4. Replies: 2
    Last Post: 11th May 2007, 03:33 PM
  5. Laptop, 2 nics, 2 networks - internet connection problem
    By WithoutMotive in forum Wireless Networks
    Replies: 3
    Last Post: 27th July 2006, 01:14 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •