Re: sub domain
From: Cary Shultz [A.D. MVP] (cwshultz_at_mvps.org)
Date: 09/04/04
- Next message: Ace Fekay [MVP]: "Re: OT > Re: NAT and AD"
- Previous message: Cary Shultz [A.D. MVP]: "Re: How do I log Failed Logon attempts"
- In reply to: jabrandt_at_online.microsoft.com: "Re: sub domain"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 3 Sep 2004 21:30:04 -0400
James,
I think that Curt would benefit from ADMT v2?
Cary
<jabrandt@online.microsoft.com> wrote in message
news:e5C3eRFkEHA.2788@tk2msftngp13.phx.gbl...
> Each domain will manage have its own set of user accounts. For example
you
> cannot create a Bob account in the root domain then logon to a child
domain
> with the Bob account because ChildDomain\Bob does not exist. You could
use
> RootDomain\Bob to access resources in the child domain with appropriate
> permissions.
> What are you trying to accomplish by having users login to 2 domains?
> If you want the user to authenticate to a DC in the child domain they will
> need an account, or as Laura said, use groups to provide the permissions
via
> groups.
>
> --
> James Brandt [MSFT]
>
>
> "Curt Shaffer" <curt@chilitech.net> wrote in message
> news:ch4p2r01mt7@enews3.newsguy.com...
> >I figured that but I need authentication on the subdomain, do I add a
> >second set of users on the subdomain?
> >
> > Thanks
> >
> > "Laura E. Hunter (MVP)" <hunter(nospamplease)@sfs.upenn.edu> wrote in
> > message news:ufP6%23ODkEHA.3476@tk2msftngp13.phx.gbl...
> >> In a Windows 2000 network, parent and child domains have an automatic
> >> two-way trust relationship between them, so you can assign permissions
to
> >> resources in both domains using the user accounts in each.
> >>
> >> As a best practice, you'll create a global group in each domain
> >> containing the users FROM that domain, then add both global groups to a
> >> Domain Local group in the domain containing the resource they need
access
> >> to. Finally, assign permissions to the Domain Local group. This
creates
> >> the most flexibility and easy maintenance as users move in and out of
> >> different roles and groups.
> >>
> >>
> >>
> >> --
> >> ******************************
> >> Laura E. Hunter - MCSE, MCT, MVP
> >> Replies to newsgroup only
> >>
> >>
> >> "Curt Shaffer" <curt@chilitech.net> wrote in message
> >> news:ch4k8c11hif@enews3.newsguy.com...
> >>>I have just created a subdomain for our network. I don't want to have
to
> >>>recreate the users on the subdomain. I was going to create groups on
the
> >>>subdomain and add the users from the parent to that domain. Is this the
> >>>best way to accomplish this? Thanks for the help
> >>>
> >>> Curt
> >>>
> >>
> >>
> >
> >
>
>
- Next message: Ace Fekay [MVP]: "Re: OT > Re: NAT and AD"
- Previous message: Cary Shultz [A.D. MVP]: "Re: How do I log Failed Logon attempts"
- In reply to: jabrandt_at_online.microsoft.com: "Re: sub domain"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
