
	Home > Ask the Windows Server Experts > Archive: Windows Server Management Questions & Answers > How to join two Active Directories but limit user access

Ask The Windows Server Expert: Questions & Answers

EMAIL THIS

How to join two Active Directories but limit user access

EXPERT RESPONSE FROM: Laura E. Hunter

		Pose a Question

		Other Windows Server Categories

		Meet all Windows Server Experts
		Become an Expert for this site

Digg This!

StumbleUpon

Del.icio.us

QUESTION POSED ON: 09 October 2007
I run a SharePoint server on a Windows 2003 server on Active Directory (AD1), which our internal staff connects to through our internal network. I now need to create a new domain where staffers outside the internal network can access the same SharePoint server through a new Active Directory (AD2). Here's the catch -- our internal staff also needs the ability to access our SharePoint server using the new Active Directory (AD2). How can we join the AD1 andAD2 directories, so our internal staff can access both, but outside staff can only access the new AD2?

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	Archive: Windows Server Management
	How to grant rights to users needing to traverse directory trees
	Can I restore a server without overwriting the OS?
	How to recover a DNS database from registry/MMC
	How to move from a NT to Windows Server 2003 Active Directory
	Is there a way to input multiple user accounts into a Windows 2003 database?
	How to disable the Open File Security Warning dialog box
	How to perform an inter-site replication between two domain controllers
	Can 32-bit and 64-bit domain controllers co-exist?
	Can I install Exchange 2003 on a 64-bit machine and upgrade it to Exchange 2007?
	Moving workgroup to Windows Server 2003

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

It is a best practice to keep internal and external Active Directory environments segregated. Use your internal AD to authenticate your internal users, and use your external AD to authenticate your external users, and assign permissions to groups in each forest as appropriate. The alternative, setting up a trust relationship between the two forests, will entail opening up far too many ports between your DMZ and your corporate network

Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.

Browse our Expert Advice
Operating Systems IT Management Networking Database	Security Servers and Storage Applications and Development Career Center

Windows Server Solutions - Intel Hardware Solutions

SEARCH

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2004 - 2009, TechTarget \| Read our Privacy Policy