+ Post New Thread
Results 1 to 10 of 10
Windows Thread, Software for Joining 2 Domains in Technical; We have a computer in a our school that would be very useful if it had the ability to switch ...
  1. #1

    Join Date
    Mar 2007
    Location
    Cambridge, UK & Reno, USA
    Posts
    339
    Thank Post
    0
    Thanked 1 Time in 1 Post
    Rep Power
    0

    Software for Joining 2 Domains

    We have a computer in a our school that would be very useful if it had the ability to switch between the admin and curriculum domain. I know there is software out there that can do that (Multinetwork Manager, Netswitcher etc). However, being a cheapskate, I was wondering if anybody new of some free software that could also do that?

    Cheers.

  2. #2

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,800
    Thank Post
    110
    Thanked 582 Times in 503 Posts
    Blog Entries
    1
    Rep Power
    223

    Re: Software for Joining 2 Domains

    Isn't a trust sufficient?

  3. #3

    Join Date
    Mar 2007
    Location
    Cambridge, UK & Reno, USA
    Posts
    339
    Thank Post
    0
    Thanked 1 Time in 1 Post
    Rep Power
    0

    Re: Software for Joining 2 Domains

    Quote Originally Posted by Geoff
    Isn't a trust sufficient?
    It would be in a normal environment. However, my school is anything but normal - the server does not accept the trust between the two servers...however, it is perfectly possible to ping and read each other's server.

  4. #4

    m25man's Avatar
    Join Date
    Oct 2005
    Location
    Romford, Essex
    Posts
    1,607
    Thank Post
    49
    Thanked 444 Times in 330 Posts
    Rep Power
    136

    Re: Software for Joining 2 Domains

    sqdge

    This is a common issue that I have responded to before on geek.

    AD expects relationships to exists within forests or between related forests.

    The old style of disparate NT Domains being trusted has all but disappeared.

    In order to get two different domains to trust each other was made worse by the loss of LANMAN1 compatability after 2003 SP1

    In order to get a trust relationship in place between two seperate 2003 domains do this!

    Set the clocks so that they are in sync.
    More than 5 mins and you have clock skew and keberos issues.

    Make sure that you have setup split DNS correctly and that each DC/Global Cat server can ping each other by the FQDN eg.
    server1.curric.local pings server2.admin.local and vice versa.
    Use a hosts file if absolutely neccesary and if using VLANS make sure the servers are connected to ports servicing both VLANS.

    Set up a Domain Admin Level account in both Domains that have the SAME USERNAME AND PASSWORD.

    Using the Domains and Trusts MMC use this new account to setup the keberos trust relationship.

    It is these cached credentials that will be used to exchange the current keberos key and enable the trust.

    You can safely delete or disable this account after the trust is established, the servers will constanly update the keberos keys dynamically.
    Only if there is a long term communications issue between the DC's will you ever need to re-establish the trust relationship.

    I hope this helps solve your problem.

  5. #5

    m25man's Avatar
    Join Date
    Oct 2005
    Location
    Romford, Essex
    Posts
    1,607
    Thank Post
    49
    Thanked 444 Times in 330 Posts
    Rep Power
    136

    Re: Software for Joining 2 Domains

    I forgot the important bit....

    Once you have established your trust make sure you carry out a security audit to ensure that all the various bits of your network are secured from each other.

  6. #6
    zag
    zag is offline
    zag's Avatar
    Join Date
    Mar 2007
    Posts
    3,530
    Thank Post
    815
    Thanked 380 Times in 317 Posts
    Blog Entries
    12
    Rep Power
    80

    Re: Software for Joining 2 Domains

    Or you could just merge the 2 networks I don't see the point in having 2 seperate domains any more in an active directory environment.

  7. #7
    tosca925's Avatar
    Join Date
    Aug 2005
    Location
    Midlands
    Posts
    1,547
    Thank Post
    4
    Thanked 4 Times in 4 Posts
    Rep Power
    21

    Re: Software for Joining 2 Domains

    Or you could just merge the 2 networks I don't see the point in having 2 seperate domains any more in an active directory environment.

    Exactly as we did................. havn't looked back since

  8. #8
    ajbritton's Avatar
    Join Date
    Jul 2005
    Location
    Wandsworth
    Posts
    1,632
    Thank Post
    23
    Thanked 75 Times in 45 Posts
    Rep Power
    33

    Re: Software for Joining 2 Domains

    Quote Originally Posted by ittech
    Or you could just merge the 2 networks I don't see the point in having 2 seperate domains any more in an active directory environment.
    Unless of course you want to have different password policies...

  9. #9

    Join Date
    Jun 2007
    Location
    Leicestershire
    Posts
    80
    Thank Post
    22
    Thanked 3 Times in 2 Posts
    Rep Power
    14

    Re: Software for Joining 2 Domains

    Quote Originally Posted by ajbritton
    Quote Originally Posted by ittech
    Or you could just merge the 2 networks I don't see the point in having 2 seperate domains any more in an active directory environment.
    Unless of course you want to have different password policies...
    In which case, you create a GPO for the different OUs you want to have the different polices, and setup the password policies for each GPO under Computer Config -> Windows Settings -> Security Settings -> Account Policies -> Password Policies

    Surely that would do it? (Never tried it, but I guess it would?)

  10. #10

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,800
    Thank Post
    110
    Thanked 582 Times in 503 Posts
    Blog Entries
    1
    Rep Power
    223

    Re: Software for Joining 2 Domains

    Password polcies are domain wide settings. You cannot override them at the OU level.

SHARE:
+ Post New Thread

Similar Threads

  1. 2 Domains on 1 LAN?
    By john.gardner in forum Wireless Networks
    Replies: 4
    Last Post: 30th November 2007, 11:58 PM
  2. DNS between two domains RESOLVED
    By edie209 in forum Windows
    Replies: 7
    Last Post: 8th November 2007, 07:47 PM
  3. Windows Domains - 1 or 2
    By GrumbleDook in forum Windows
    Replies: 16
    Last Post: 5th March 2007, 11:12 AM
  4. joining laptops to domain
    By chrbb in forum Windows
    Replies: 11
    Last Post: 28th February 2007, 08:19 PM
  5. Need advice on joining virtual pc to domain
    By projector1 in forum Thin Client and Virtual Machines
    Replies: 5
    Last Post: 7th February 2007, 03:00 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •