AD Questions..

N

news.microsoft.com

We have a 2 domain network. Dom1 has very sensitive information on it, with
limited users on it. Dom2 is the more more public area, with EVERYONE having
access.

now the tricky part.

only a few Dom1 users have an account on DOM2.
There will be an exchange 03 Server in the DOM2 network.

is there anyway that i can get the DOM1 active directory to pass its user
information to the DOM2 Active directory without any security issue?

With the Exchange in the DOM2 AD, I can make an account for the dom1 users
in the dom2 network, but i would like to have the AD do this for me, and
track all the paswwords/security as well.

Any help would be great!!
TIA

KCI
 
P

ptwilliams

If both Domains reside in the same forest, there is, by default, a two-way
transitive trust that will automatically do this for you - as long as DNS is
configured correctly ;-)

Are your Domains in the same forest and are they aware of each other? If
they reside in different namespaces, then you'll need at least a secondary
DNS server for the other domain in each domain...


--

Paul Williams
_________________________________________
http://www.msresource.net - Under construction, but coming soon...


Join us in our new forums!
http://forums.msresource.net
_________________________________________


We have a 2 domain network. Dom1 has very sensitive information on it, with
limited users on it. Dom2 is the more more public area, with EVERYONE having
access.

now the tricky part.

only a few Dom1 users have an account on DOM2.
There will be an exchange 03 Server in the DOM2 network.

is there anyway that i can get the DOM1 active directory to pass its user
information to the DOM2 Active directory without any security issue?

With the Exchange in the DOM2 AD, I can make an account for the dom1 users
in the dom2 network, but i would like to have the AD do this for me, and
track all the paswwords/security as well.

Any help would be great!!
TIA

KCI
 
K

KCMe

I highly doubt that these are both in the same forest. but they do use the
same IP range (712.17.x.x) They are seperated by by a sonic wall firewall.

does anyone know what port numbers the "trusts" use when i am trying to
create atrust through this firewall.

KEvin
 
P

ptwilliams

Here's a list of all the ports Windows uses.
http://support.microsoft.com/?kbid=289241

Bear in mind, that opening up for RPC is quite insecure -it uses a random
port to talk back.

There's a whitepaper that may help on the subject:

http://www.microsoft.com/serviceproviders/columns/config_ipsec_P63623.asp

--

Paul Williams
_________________________________________
http://www.msresource.net

Join us in our new forums!
http://forums.msresource.net
_________________________________________
I highly doubt that these are both in the same forest. but they do use the
same IP range (712.17.x.x) They are seperated by by a sonic wall firewall.

does anyone know what port numbers the "trusts" use when i am trying to
create atrust through this firewall.

KEvin
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Restricting access to AD located in another domain 2
Strange Authentication Errors 3
move sent items to alternate folder dependant on sender email addr 14
Authenticate agains several Active Directory Domains 3
pathping problem? 3
Allowing users to update their own AD user information displayed in GAL? 19
questions 2
Global Catalog Setup 0

Top