General discussion

Locked

Access AD from non ad PC's

By jtew ·
I am in an envrionment of 200+ PC's, 8 Novell Servers, and 12 Window servers,
We have a single AD Domain Controller, all other servers are either member alone, or stand servers.
We do not want the end user PC's fully joined to the Domain, however, we want the domain to control access rights to all servers for centralised username, password, access control administration of the servers.
Is there a way, to get the end user PC's to still belong to a workgroup, but yet have access to member servers based on group membership in the domain.

This conversation is currently closed to new comments.

10 total posts (Page 1 of 1)  
Thread display: Collapse - | Expand +

All Comments

Collapse -

by sgt_shultz In reply to Access AD from non ad PC' ...

This should work if the workstation os's support smb. older nt and 98 gonna need patching...
if not, post exactly what workstation os and what error you are getting. most times i resolve this problem by changing permissions on the shared resources...here is a better explanation from ms

? How to enable Windows 98/ME/NT clients to logon to Windows 2003 based Domains


http://support.microsoft.com/kb/555038/en-us

Collapse -

by sgt_shultz In reply to

btw, that is a seriously misguided idea, imho. workgroups by definition do not use central authentication. and you are not going to protect your network much by 'not joining the domain'. the domain is where you want them to be, imho.

Collapse -

by jtew In reply to

I am asking for info to help me access my windows servers via windows 2000/xp clients. All clients are joined/have novell clients. file server is 95% from novell server. Telling me that it is a misguided Idea doesn't help me. I know that just joining them to the domain would be the best way to go, however it is not an option.

Collapse -

by p.j.hutchison In reply to Access AD from non ad PC' ...

No, I would not recommend such a setup, domain membership would be more secure than a workstation setup. You can use Terminal Services to login to a server to control rights but it is too clumbersome from a workgroup PC.

Collapse -

by jtew In reply to

I am asking for info to help me access my windows servers via windows 2000/xp clients. All clients are joined/have novell clients. file server is 95% from novell server. Not reconmending it, or telling me it's too clumbersome to do something that I'm already doing doesn't help me.
I know that just joining them to the domain would be the best way to go, however it is not an option.

Collapse -

by p.j.hutchison In reply to Access AD from non ad PC' ...

You can join the servers (not the workstations) to the domain. Then use Terminal services to access the servers via domain logins.

Collapse -

by jtew In reply to

I agree this would work, yet it adds a lot of cumbersome steps for end user to go through to get access to the data they need. I'm just wanting a select group of people to get access to netshare with out having to enter a password.
All workstation username and passwords are duplicated on the domain

Collapse -

by jtew In reply to Access AD from non ad PC' ...

all I'm really needing is access to the network shares that are on the domain

Collapse -

by p.j.hutchison In reply to Access AD from non ad PC' ...

The only other way to access data without having to enter passwords is to set NTFS permissions for Everyone to Modify and share permissions to Read/Write. Then you can by pass the access rights altogether.

Of course this will make the entire thing unsecure....

Collapse -

by esstee In reply to

If you use the Novell Client, there is a setting that will synch the login anme to a windows username. this may require a substantial change to your windows pc naming/username convention, but it may provide an easier way to access what you need.

Back to Windows Forum
10 total posts (Page 1 of 1)  

Related Discussions

Related Forums