I have set up multiple Active Directory domains on multiple machines, and all are connected to the same network.
Now, I host my application on one of the servers. I want to allow login for all AD users from the multiple domains on the network without adding a trust between the domains.
I am able to achieve this by adding a trust between the domains, but I don't want to add a trust between them.
Does anyone have an idea how I can do this?

What I have tried:

The code at this link works for me when a trust is added between the domains: Directory Authentication for Cross Domain Users in .NET
Posted
Updated 18-Apr-19 5:58am
v3

1 solution

If you think that you, as a non-trusted entity, can just ask any AD tree "Hey! Is this password good for this account?", you'd be sorely mistaken about how the authentication process works and the security of communicating with it.

If the target AD doesn't trust you, or more specifically, the account the request came from, be it a user or a machine, it's not going to let you ask that question.

There has to be a trust relationship, be it a two-way or a one-way trust.
 
Comments
jaideepsinh 19-Apr-19 1:00am    
But all my servers are placed in the same network. Even so, is it not possible to do this, either by code or any other way?
Dave Kreskowiak 19-Apr-19 9:00am    
It does not matter if they are on the same network or not. Those domains do not trust each other.

They could be directly connected to each other and it still wouldn't make any difference.

There is no other way.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


