Re: Combining AD Domains and Workgroups

From: Doug Sherman [MVP] (dsherman_at_nospam.tampabay.rr.com)
Date: 01/09/05 

Date: Sun, 9 Jan 2005 11:58:06 -0500

Browsing and authentication are separate issues.

Also, there are differences between bowsing workgroups vs. domains in a
routed environment. The usual solution is WINS; however, you may be able to
give all macines access to a domain/workgroup browse list by using lmhosts
files or simply installing a domain member machine on the workgroup subnet.
See:

http://support.microsoft.com/default.aspx?scid=kb;en-us;149941

http://support.microsoft.com/default.aspx?scid=kb;en-us;117633

http://support.microsoft.com/default.aspx?scid=kb;en-us;150800

In order to actually access resources on a DC over the network, the user
must, at a minimum, present credentials listed in the Domain Controllers
OU/Group Policy/Windows Settings/Security Settings/Local Policies/User
Rights Assignment - Access this computer from the network.

Doug Sherman
MCSE Win2k/NT4.0, MCSA, MCP+I, MVP

"Shalom B." <s.bhooshi@btinternet.com> wrote in message
news:crqp00$a84$1@hercules.btinternet.com...
>
> It is my understanding that to enable browsing computers (or atleast
> have them visible)via the network neighbourhood the computers have to be
> in the same workgroup or AD Domain (please correct me if i am wrong),
> therefore, how does one effeciently maintain smooth authentication and
> computer browsing for a multihomed host connected to both an AD domain
> and a simple workgroup.
>
> Scenario : I have a AD domain consisting of 2 DCs, one of which is
> multi-homed, one interface leading to one AD Domain in a LAN and
> another interface leading to a remote LAN. There are no issues with
> connectivity but there are problems authenticating hosts on the remote
> LAN to be able to browse the second DC via the Network Neighbourhood,
> also, there are some intermittent problems in Mapping drives to this
> second DC.
>

Relevant Pages

  • Can see other computers.
    ... I have a small peer to peer LAN with a LinkSys hub. ... I have checked the workgroup name and re-entered it ... and I have installed Client for Microsoft networks, ...
    (microsoft.public.windowsxp.network_web)
  • Re: No Network.........!
    ... now in my workgroup one of my machine is ... > not available although i am unable to ping, but internet is working ... have one firewall running on the troubled machine and that it is ... configured to allow the lan as trusted. ...
    (microsoft.public.windowsxp.network_web)
  • Re: What is the workflow for folder sharing authentication in Windows 2000?
    ... authentication for W2K clients. ... Workgroups use lm, ntlm, or ntlm v2 ... depending on mix of clients in workgroup. ... > a machine using a logon identity to access a shared folder from ...
    (microsoft.public.win2000.security)
  • Re: network with 98ses.
    ... >> use your network effectively. ... you need to change the workgroup on all of your computers. ... >> own LAN. ...
    (microsoft.public.windowsxp.network_web)
  • Re: Fast User Switching in Domain Member mode / Authentication Ticket security risks
    ... >> understanding that the member computer had it's own authentication method ... >> I workgroup mode, the requests are still tunneled across of the RPC ... No public key encryption is used. ... >> the authentication ticket between two workgroup computers. ...
    (microsoft.public.platformsdk.security)