+ Post New Thread
Results 1 to 4 of 4
Windows Thread, Joing two windows domains across sites in Technical; Hi there, I am after a bit of advice and to double check I am going along the correct lines. ...
  1. #1

    Join Date
    Mar 2007
    Location
    Liverpool, UK
    Posts
    89
    Thank Post
    3
    Thanked 6 Times in 4 Posts
    Rep Power
    16

    Joing two windows domains across sites

    Hi there,

    I am after a bit of advice and to double check I am going along the correct lines.

    I have two sites running as two different domains. I want to get the two domains talking to each other so users in domain 1 can FTP, log into SQL and RDP into servers on domain two. I want to set it up so that users only have to use their details from domain 1.

    I am initially looking at setting up an ipsec between the two firewalls on each site. This is the first stage I am looking to complete. I think i need to get the VPN up and running and possibly set some rules on the firewalls to direct traffic to each of the sites.

    Once i am able to ping each of the sites i am looking to setup some kind of trust relationship between the sites so that domain 1 users can be used on domain 2.

    I need to look at the groups on domain 1 and set them up securely and then with a bit of luck we can look at setting things up so that in order to FTP/connect to SQL/RDP into servers they can use their Domain 1 details. I know things like FTP will probably need to be configured to integrate with active directory but I am prepared for that!

    Am I along the right lines?

    Any tips gratefully received!

    Thanks in advance!

  2. #2

    Join Date
    Mar 2008
    Location
    Surrey
    Posts
    2,168
    Thank Post
    98
    Thanked 319 Times in 261 Posts
    Blog Entries
    4
    Rep Power
    112
    Sounds about right. If you don't need people to access domain 1 from domain 2 then the easiest way is to set up a one-way trust between the two. If I remember correctly (and I may not, the language gets a bit confusing) you'll want a one-way outgoing trust from domain 1 to domain 2.

    Then just set up a few universal groups, sort out memberships and permissions, and that should be everything.

  3. #3

    Join Date
    Mar 2007
    Location
    Liverpool, UK
    Posts
    89
    Thank Post
    3
    Thanked 6 Times in 4 Posts
    Rep Power
    16
    Will i need to put static routes on each of the firewalls to direct the traffic from each subnet across the VPN tunnel or will it use the tunnel on its own?

  4. #4

    Join Date
    Mar 2007
    Location
    Liverpool, UK
    Posts
    89
    Thank Post
    3
    Thanked 6 Times in 4 Posts
    Rep Power
    16
    Hi folks,

    Just an update, i have managed to get the site to site VPNs up and running between our two routers at each site. I am now able to ping the local subnet from the second site. All seems to be working fine.

    I eventually managed to get the additional subnets to go over the VPN by creating additional VPN tunnels for each subnet as the draytek router was not able to get the additional subnets over the one VPN tunnel.

    I am still looking the get the trust relationship up and running. This next issue i am looking at (i'm guessing) is the DNS setup. I need to be able to get users to be able to resolves servers from the remote site.

    How do i go about doing this? Do i simply add the remote DNS server as a third server on each of the hosts (and through the DHCP options).

    Anyone any tips?

    Thanks

SHARE:
+ Post New Thread

Similar Threads

  1. DNS: 2 Sites and 2 domains
    By eean in forum Windows Server 2008
    Replies: 1
    Last Post: 24th September 2009, 02:01 PM
  2. Different Domains on the same IP Range
    By techie08 in forum Windows Server 2000/2003
    Replies: 5
    Last Post: 20th May 2009, 11:11 PM
  3. [Ubuntu] Desktop 8 in Windows 2003 domains (GPO?)
    By garethedmondson in forum *nix
    Replies: 0
    Last Post: 15th May 2009, 06:33 PM
  4. Windows Domains - 1 or 2
    By GrumbleDook in forum Windows
    Replies: 16
    Last Post: 5th March 2007, 11:12 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •