Scenario: two servers which are not connected. They work fine independently; if I configure the PC in question to log in to DOMAIN1 then it works. If I configure the PC to log in to DOMAIN2 it works.
So is it possible for a single computer to access DOMAIN1 and DOMAIN2 simultaneously? Right now it sort of works. The user logs in to DOMAIN1 but has an account in DOMAIN2 and so long as the username and password are the same then I simply map a network drive in DOMAIN2 and the user is in both systems.
Is this the only way to accomplish this? DOMAIN1 is WinNT Server and DOMAIN2 is Win2K Server. Computer in question is a Win2K machine.
Another thing I would be satisfied in doing is to simply have the user log out of DOMAIN1 and then in the log on screen (ctrl-alt-del protects your password! ;)) choose DOMAIN2 from the drop-down list and log back in. But I can never add domains to the list, only change the domains. The drop down list never exceeds DOMAINX and THISCOMPUTER.
You can create a trust relationship between the two domains so that you may access the resources on one domain from the other. You won’t have to add or replace the domain in the logon, nor will you have to log off then back on to a new domain.
check out the microsoft site Domain Trusts for a quick guide.
Unless the W2K server is running in “Native Mode” it will need a trust relationship to see it. But if it is running in “Mixed Mode” I would think both servers could see each other.
But if the W2k server is in Native Mode it cannot be switched back without demoting Active Directory then promoting it again.
for the purposes of mapping a network drive, you can do this:
c:> net use n: \server\share /user:domain2\username2 /persistent:yes
and it will prompt you for the password for the specified user in the other domain.
(the /persistent:yes is not necessary, but is equivalent to checking the “reconnect at login” checkbox in the Map Network Drive dialog)
The entries in this drop down box will always be:
The local macine.
The domain that the machine is a member of.
And any other domains that trust the domain that the machine is a member of.
Athough, as has been said, once you setup the trust you won’t need to logout an log back in. You can just net use to whatever resources you want to use. [After you’ve granted the right permissions of course.] You don’t even have to create a duplicate user account in domain2.
Excellent help, everyone. galt’s method, should anyone choose to employ it, can’t be run as a batch file. Though it prompts for a password, it won’t let you type it!
Still, to be clear, is it even possible in principle for a workstation to have THISCOMPUTER, DOMAIN1, and DOMAIN2 available at the logon screen? I don’t care if the servers talk to each other, it is the workstation (a laptop with wireless and land line connection) that needs to get around.
Actually, its any other domains that are trusted by the domain the machine is in. This is a confusing topic, the easiest way to keep it straight is to remember that the resource must trust the user (the domain in which the user accounts are defined).
So the answer to your question erislover, is no, not without a trust.
galt’s method can be run as a batch file, because net use accepts the password as an argument. This syntax is:
net use \server\share password /user:domain\account
I’m sorry, it does let you, it just doesn’t have any characters appear on the screen. This actually works great for mapping drives. But now, does it actually log in to the other domain or simply get permission to access the drive?
Looks like I’m going to have to read up on trust more.
