+ Post New Thread
Results 1 to 11 of 11
Wireless Networks Thread, Seemless logon to Two domains in Technical; I have a webserver that is dual NIC'd and connected to both my CC3 network and vanilla admin network. This ...
  1. #1
    randle's Avatar
    Join Date
    Dec 2006
    Location
    Chelmsford, Essex
    Posts
    561
    Thank Post
    59
    Thanked 16 Times in 15 Posts
    Rep Power
    18

    Seemless logon to Two domains

    I have a webserver that is dual NIC'd and connected to both my CC3 network and vanilla admin network. This hosts the intranet and helpdesk of which i have Windows Integrated Authentication selected on the whole helpdesk and certain areas of the intranet allowing me to control access to certain groups. As far as i'm aware you can only join one domain at a time so opted to join the domain with the highest usage which works fine but on the other domain where authentication is required, the user is presented with a login box and have to use the domain\username format to login successfully which is obviously due to not being able to add the required user groups from this domain to the webserver which is part of another domain.........Have i confused you yet?

    Anyway what i want to know is whether there's a way to add both domain groups so that it's a seemless login throughout!?

  2. #2
    joe90bass's Avatar
    Join Date
    Oct 2007
    Location
    S Wales
    Posts
    1,345
    Thank Post
    316
    Thanked 106 Times in 95 Posts
    Rep Power
    50
    Have you setup a trust relationship between the two domains?

  3. #3
    randle's Avatar
    Join Date
    Dec 2006
    Location
    Chelmsford, Essex
    Posts
    561
    Thank Post
    59
    Thanked 16 Times in 15 Posts
    Rep Power
    18
    Sorry i forgot to mention that these Two networks are on completely different physical infrastructures and only come together at this server so am unable to see one domain from the other

  4. #4

    Gatt's Avatar
    Join Date
    Jan 2006
    Posts
    6,541
    Thank Post
    831
    Thanked 610 Times in 413 Posts
    Rep Power
    432
    are they in 2 seperate forests? If so then a trust relation will work.
    I have 2 forests hear and created a trust relationship between them - both domains appear in XP Login
    Also, theres an option in Group Policy to allow cross forest policies
    (Default Domain Policy/Computer config/Administrative Templates/System/group policy/Allow Cross-Forest User Policy and Roaming Profiles (ENABLED))

  5. #5
    ajbritton's Avatar
    Join Date
    Jul 2005
    Location
    Wandsworth
    Posts
    1,632
    Thank Post
    23
    Thanked 75 Times in 45 Posts
    Rep Power
    33
    Quote Originally Posted by randle View Post

    Anyway what i want to know is whether there's a way to add both domain groups so that it's a seemless login throughout!?
    I'm asking to be shot down, but I would say that it will not be possible. These two domains are obviously not linked (as you say) and there is therefore no trust between them. You will not be able to add groups from domains that are not part of the domain to which the machine belongs or that are trusted by it either directly or transitively.

    You have opted for total isolation and this is the downside.

    EDIT: You could join the networks and add routing between the IP schemes (if necessary) and then create a trust but I suspect you have them on seperate networks for a reason!
    Last edited by ajbritton; 3rd July 2008 at 05:50 PM.

  6. Thanks to ajbritton from:

    randle (4th July 2008)

  7. #6
    randle's Avatar
    Join Date
    Dec 2006
    Location
    Chelmsford, Essex
    Posts
    561
    Thank Post
    59
    Thanked 16 Times in 15 Posts
    Rep Power
    18
    Unfortunately having Two complete separate networks was not my choice to make at the time and not something the PTB will allow currently.

    I thought it may be the case but wanted to check just in case i was missing something.

  8. #7

    Join Date
    Jan 2007
    Location
    Birmingham
    Posts
    807
    Thank Post
    29
    Thanked 36 Times in 24 Posts
    Rep Power
    25
    As another solution, could you virtualise the server? i.e. make 2 webservers, have one on each domain (thus removing the issue with the domain/username) then sort out replication between the two.

  9. #8
    randle's Avatar
    Join Date
    Dec 2006
    Location
    Chelmsford, Essex
    Posts
    561
    Thank Post
    59
    Thanked 16 Times in 15 Posts
    Rep Power
    18
    This is an interesting idea but the server really doesn't have the power to host Two virtual sessions simultaneously unfortunately but i like the idea

  10. #9

    Join Date
    Jan 2007
    Location
    Birmingham
    Posts
    807
    Thank Post
    29
    Thanked 36 Times in 24 Posts
    Rep Power
    25
    what spec is the server?

  11. #10
    randle's Avatar
    Join Date
    Dec 2006
    Location
    Chelmsford, Essex
    Posts
    561
    Thank Post
    59
    Thanked 16 Times in 15 Posts
    Rep Power
    18
    Windows 2k server, 2x P3 processors @ 1GHz, 1.5GB RAM, 4GB Primary partiton

  12. #11

    Join Date
    Jan 2007
    Location
    Birmingham
    Posts
    807
    Thank Post
    29
    Thanked 36 Times in 24 Posts
    Rep Power
    25
    Ah, yes you're probably right!

SHARE:
+ Post New Thread

Similar Threads

  1. Cachepilot & 2 domains
    By j17sparky in forum How do you do....it?
    Replies: 8
    Last Post: 23rd April 2008, 03:21 PM
  2. Potential Problem - 2 domains
    By robbied69 in forum Windows
    Replies: 3
    Last Post: 21st January 2008, 05:31 PM
  3. 2 Domains on 1 LAN?
    By john.gardner in forum Wireless Networks
    Replies: 4
    Last Post: 30th November 2007, 11:58 PM
  4. DNS between two domains RESOLVED
    By edie209 in forum Windows
    Replies: 7
    Last Post: 8th November 2007, 07:47 PM
  5. Windows Domains - 1 or 2
    By GrumbleDook in forum Windows
    Replies: 16
    Last Post: 5th March 2007, 11:12 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •