How-to logon successfully thru DC in a domain thats no mine?

Discussion in 'Windows Networking' started by =?Utf-8?B?Sm9oYW4gVG9uZ2VzdGFk?=, Nov 11, 2004.

  1. Hi!

    I need to logon from workstations belonging to domain A, with a user also
    belonging to domain A, when the computer is attached to a network where there
    is no direct connection to a DC in domain A. But there is another DC in
    domain B (and different forest), that have two network cards, where one of
    them has connection to domain A. The domain B have a forest-trust to domain
    A. See a detailed description in my worddocument at
    http://hem.fyristorg.com/tongestad/$xpC901Wq77doNk112$39/PoC-AM-Net.doc
     
    =?Utf-8?B?Sm9oYW4gVG9uZ2VzdGFk?=, Nov 11, 2004
    #1
    1. Advertisements

  2. If the workstation points to or is fowarded to and can reach a DNS server
    which holds the SRV records for domain A, and the workstation has a route to
    a domain A domain controller; then the user can logon to domain A.

    Doug Sherman
    MCSE Win2k/NT4.0, MCSA, MCP+I, MVP
     
    Doug Sherman [MVP], Nov 12, 2004
    #2
    1. Advertisements

  3. I already knowed that, but what I wanted was to authenticate to the domain A,
    when there is NO route from the current subnet to that domain (reachable from
    my workstation). But the DC for domain B has two netcard, where one of them
    have full access to the domain A. The DNS on the DC in domain B has manually
    added information about the existence of domain A, and domain B trusts domain
    A. E.g. the DC for domain B shall authenticate my request for me....

    /Johan.
     
    =?Utf-8?B?Sm9oYW4gVG9uZ2VzdGFk?=, Nov 19, 2004
    #3
  4. Use a LAN Router and do it right. You do things the right way and they will
    work dependably everytime. You try to cut corners and try to "outsmart the
    system" you will always have problems and undependability.

    Never multihome a DC and expect to use it as a router (SBS being an
    exception).

    272294 - Active Directory Communication Fails on Multihomed Domain
    Controllers
    http://support.microsoft.com/default.aspx?scid=kb;en-us;272294

    191611 - Symptoms of Multihomed Browsers
    http://support.microsoft.com/default.aspx?scid=kb;EN-US;191611


    --

    Phillip Windell [MCP, MVP, CCNA]
    www.wandtv.com
     
    Phillip Windell, Nov 19, 2004
    #4
  5. If the DC for domain B can reach domain A, then the workstation on the same
    subnet can reach domain A:

    Enable routing on the domain B DC and either configure the workstation with
    a default gateway to the LAN NIC IP of the domain B DC or configure a static
    route on the workstation:

    route add <domain A network> mask <domainAsubnetmask> <LAN IP of
    domain B DC>

    Doug Sherman
    MCSE Win2k/NT4.0, MCSA, MCP+I, MVP
     
    Doug Sherman [MVP], Nov 23, 2004
    #5
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.