locked
How to access MOSS 2007 site from different domain without providing username and password RRS feed

  • Question

  • Hi All,

    We have installed MOSS 2007 in 'A' domain. A site is created and trying to access it from different domain 'B'. Whenever i try to access this link form B domain, Iam prompted to provide username and password. How can we access the site without propmting for username and password within the networks. Any setting that we need to configure while installing moss or domain mappings or etc.,

     

    My Site configuration is Authentication is Windows, IIS authentication is Basic authentication, Enable Client Integration is No.

     

    Thanks in advance.

    Tuesday, August 10, 2010 7:47 AM

Answers

  • hi,

    for browsing content, your credentials won't be accepted by the domain sharepoint is hosted in, because it doesn't trust it.

    This prevents hacking attempts from unsupervised domains (if the server gets hacked for example, he still has no rights on the corporate domain, for example listing all users or worse)

    using integrated windows auth will at least require a one way trust (sharepoint "ressource" domain trusts your corporate domain to validate the accounts)

    So usually, you setup untrusted access without a domain, with login and password. Check google for "FBA authentication". This requires a small amount of code, and a database or ldap list of user passwords.

    for simple tip and tricks, refer for example to : http://www.olegsych.com/2009/05/crossing-domain-boundaries-windows-authentication/

    For detailed explanations, this post is awesomeness : http://blogs.technet.com/b/steve_chen/archive/2010/06/25/multiple-logon-while-open-office-document-from-sharepoint.aspx

     

    edit : clarification.

    • Proposed as answer by AseemN Thursday, August 12, 2010 3:07 PM
    • Marked as answer by Stanfford Liu Friday, August 20, 2010 3:07 AM
    Thursday, August 12, 2010 12:00 PM

All replies

  • Is there a Trust established between Domain A and Domain B via Active Directory Domains and Trusts MMC?
    http://sharepoint.nauplius.net
    Tuesday, August 10, 2010 3:22 PM
  • There is no Trust established b/w 2 domains. When I checked with out techsupport team, there is some security issue to enable that. So please give me a solution for the same.

     

    Thanks,

    Johny

    Wednesday, August 11, 2010 6:15 AM
  • Hi,

    in this configuration, youl'll have login prompts by design.

    The correct approach is to either extend the webapp and use FBA (forms auth, login + password), or trust B.

     

    Wednesday, August 11, 2010 11:48 AM
  • Hi,

    You are giving a valueble suggestions, Iam very happy for that. Could you please explain me in detail so that i can follow your solution.

    I have to go with Window authentication. give me step by step approach so that I can convience our tech support team what ever is required.

    Thanks in advance.

    Thursday, August 12, 2010 11:32 AM
  • hi,

    for browsing content, your credentials won't be accepted by the domain sharepoint is hosted in, because it doesn't trust it.

    This prevents hacking attempts from unsupervised domains (if the server gets hacked for example, he still has no rights on the corporate domain, for example listing all users or worse)

    using integrated windows auth will at least require a one way trust (sharepoint "ressource" domain trusts your corporate domain to validate the accounts)

    So usually, you setup untrusted access without a domain, with login and password. Check google for "FBA authentication". This requires a small amount of code, and a database or ldap list of user passwords.

    for simple tip and tricks, refer for example to : http://www.olegsych.com/2009/05/crossing-domain-boundaries-windows-authentication/

    For detailed explanations, this post is awesomeness : http://blogs.technet.com/b/steve_chen/archive/2010/06/25/multiple-logon-while-open-office-document-from-sharepoint.aspx

     

    edit : clarification.

    • Proposed as answer by AseemN Thursday, August 12, 2010 3:07 PM
    • Marked as answer by Stanfford Liu Friday, August 20, 2010 3:07 AM
    Thursday, August 12, 2010 12:00 PM