Tuesday, October 9, 2018

active directory - Windows Server Connected to Domain Without Being Domain Controller



Can a Windows Server be connected to an Active Directory domain without being a domain controller? Here's the scenario:



I want to use Windows Server 2012 to run several virtual machines for testing our web application in a variety of environments. We have a corporate domain, and I'd like to use the corporate login (or at least a common login) on each of the virtual machines without necessarily having to get IT to set up each virtual machine on the corporate domain. Also, I need the server itself to be able to authenticate domain logins (the app uses domain login information for users to login). However, I absolutely do NOT want it to be a DC on the corporate network.



Thus, my questions:





  • Can a Windows Server be connected to an Active Directory domain without being a DC?

  • Can a Windows Server authenticate users on another domain without being a part of that domain?

  • Can a Windows Server be a domain controller in a small network (comprised of just the server and itself) and use the corporate domain's Active Directory for authenticating user logins to the server, the web app, and the virtual machines?


Answer



So, just to be clear, is this an accurate description of your problem?






  • You have an app that you want to test in a couple of virtual machines.

  • This app supports Active Directory integrated authentication.

  • You want to have a domain somewhere that you can use to test that
    authentication mechanism.




If this is true, then you definitely DO NOT want any of those machines to be a member of your corporate domain.




You should instead have a separate test domain for testing your application. This domain can be hosted on a virtual machine (domain controller).



You can set up this domain to trust your real, corporate domain. Then add realCorporateDomain\Users to the testDomain\Users group. This will allow you to log in to the computers in your test domain.


No comments:

Post a Comment

linux - How to SSH to ec2 instance in VPC private subnet via NAT server

I have created a VPC in aws with a public subnet and a private subnet. The private subnet does not have direct access to external network. S...