Authentication for non-domain computers
- From: "Hugh" <Hugh@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 5 Jul 2005 17:06:02 -0700
We are in the process of allowing contractors into our network via a Cisco
VPN solution. The contractors will access a "SecureNet" area only, which is
separate from our production network. The SecureNet will also contain
development servers upon which the contractors will work. The SecureNet will
also contain an LDAP proxy, which will allow authentication to our production
AD environment without direct access to any domain controllers.
The contractors will be using their own computers, which will not be
"joined" to our domain - thus, the computers will have no Kerberos password.
The contractors will, however, have AD user accounts. In this scenario, how
can we authenticate these users? Keep in mind that this is not a web/browser
scenario. Their computers will need to directly access NTFS partitions.
We have considered a separate forest for the SecureNet, but prefer the proxy
approach to reduce administrative overhead, assuming we can resolve this
issue.
Thanks in advance.
--
Hugh
.
- Follow-Ups:
- Re: Authentication for non-domain computers
- From: Mike Shepperd
- Re: Authentication for non-domain computers
- Prev by Date: Re: Find Users Group Membership
- Next by Date: Re: applying group policy
- Previous by thread: Win 2K servers got license error msg after Domain upgrade to W2K3
- Next by thread: Re: Authentication for non-domain computers
- Index(es):
Relevant Pages
|
