Personal computing discussed

Moderators: renee, Steel, notfred

 
JJCDAD
Gerbil Jedi
Topic Author
Posts: 1867
Joined: Fri Sep 17, 2004 3:11 pm
Location: Is this heaven? No, it's Iowa.
Contact:

Access to 2 domains from one computer?

Mon Feb 06, 2012 2:25 pm

Here's the scenario: Working for 2 different companies from the same office. One company is where my desk is, the other is 1000 miles away. I access files and email on the remote enterprise network by joining their domain over VPN. I also want to be able to join the local domain to access network drives and email exchange. I want to do both of these things on the same computer. Is this possible?

I really don't know what other details to provide. Any assistance is greatly appreciated.
 
notfred
Maximum Gerbil
Posts: 4610
Joined: Tue Aug 10, 2004 10:10 am
Location: Ottawa, Canada

Re: Access to 2 domains from one computer?

Tue Feb 07, 2012 8:11 am

The first thing is going to be their VPN client policy settings. Most companies that I've come across disable split-tunnelling, meaning that when you bring up the VPN connection all your network traffic goes down the VPN. That's to stop your box becoming a backdoor gateway on to their network behind their firewalls.
 
thegleek
Darth Gerbil
Posts: 7460
Joined: Tue Jun 10, 2003 11:06 am
Location: Detroit, MI
Contact:

Re: Access to 2 domains from one computer?

Tue Feb 07, 2012 8:15 am

I actually do the same thing. It is only possible (in my opinion) by installing a Virtual Machine software. I use either Oracle's VirtualBox or VMware's Workstation. Once you have a VM set up, you can then connect to your other domain via VPN and you will be connected to that domain while your local domain still remains intact on your main system.
 
just brew it!
Administrator
Posts: 54500
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: Access to 2 domains from one computer?

Tue Feb 07, 2012 8:34 am

You *might* be able to make something work by installing 2 NICs and disabling the VPN driver for the 2nd one on its TCP/IP properties page. IIRC I did something like this a long time ago, but it was on Win2K and the local network was a workgroup (not a domain) so it may not be applicable.

thegleek's VM idea is probably a better approach...
Nostalgia isn't what it used to be.
 
Flatland_Spider
Graphmaster Gerbil
Posts: 1324
Joined: Mon Sep 13, 2004 8:33 pm

Re: Access to 2 domains from one computer?

Tue Feb 07, 2012 9:15 am

A virtual machine is pretty much the only option if the OP is talking about joining a box to two AD domains. AD can be designed to allow two different domains to pass credentials to each other, but I don't think that's an option here.
 
Glorious
Gerbilus Supremus
Posts: 12343
Joined: Tue Aug 27, 2002 6:35 pm

Re: Access to 2 domains from one computer?

Tue Feb 07, 2012 11:01 am

I'm going to ++ thegleek, JBI, and flatland_spider here. The VM is the way to go.

It's what I do at home for my work stuff.
 
spitfire650
Gerbil
Posts: 31
Joined: Sun Jan 01, 2012 5:36 pm

Re: Access to 2 domains from one computer?

Tue Feb 07, 2012 12:44 pm

Another vote for a VM.

I'm not aware of any way to have a workstation joined to two domains. If the other domain is trusted, you could access resources there, but that may or may not be possible depending on if there's a relationship and need between the companies for this.
 
just brew it!
Administrator
Posts: 54500
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: Access to 2 domains from one computer?

Tue Feb 07, 2012 1:56 pm

The downside (other than performance) of a VM is that you'll need another Windows license unless you're OK with using Linux to access one of the networks...
Nostalgia isn't what it used to be.
 
Steel
Global Moderator
Posts: 2330
Joined: Wed Dec 26, 2001 7:00 pm

Re: Access to 2 domains from one computer?

Tue Feb 07, 2012 2:26 pm

just brew it! wrote:
The downside (other than performance) of a VM is that you'll need another Windows license unless you're OK with using Linux to access one of the networks...

If he's running Win7 Pro or Enterprise he can install XP Mode and join the VM to the alternate domain.

And if VirtualPC isn't your thing, you can install VMware Player and run your XP Mode VM using that.
 
Aphasia
Grand Gerbil Poohbah
Posts: 3710
Joined: Tue Jan 01, 2002 7:00 pm
Location: Solna/Sweden
Contact:

Re: Access to 2 domains from one computer?

Tue Feb 07, 2012 3:20 pm

Depending on which resources you are after on the two different domains, then yes, most can probably be accessed, say a printer or a file share, or even e-mail, but you will never be able to use it transparently or with single-sign on and similar without either a trust-relationship between the domains, or a third party credential manager that systems from both domains are looking up.

Doing it concurrently though is up to split tunneling and the vpn-part, but allowing split tunneling is as people have already said, usually frowned upon.
 
frumper15
Gerbil XP
Posts: 380
Joined: Mon Jan 18, 2010 3:25 pm

Re: Access to 2 domains from one computer?

Tue Feb 07, 2012 3:47 pm

Can you have another client machine on the remote domain set up that you could use remote desktop to access it? I don't know enough about VPN or virtual machines to know if it's inherently more secure or not, but I would think you should be able to establish a secured connection from your local machine configured on your local domain and connect to the remote machine configured and connected to that domain. We use the remote web workplace built into SBS2003 for remote connections to desktop clients running at the office. Alternatively you should be able to set up port forwarding or somesuchthing with VPN to access the remote machine directly from the RDP client on your local machine (ie. remotemachineipaddress:3389). I think you might find performance is much better than VPN for larger files, etc. I used to VPN at work and it was painful working on even modestly sized spreadsheets, etc. vs. just remoting into an available machine for the same work. Just a thought!
i7-8086K | Z370 AORUS GAMING WIFI | 32GB DDR4-2400 | EVGA GTX 1080 Ti | 512GB 960 Pro | 27" Dell 2560x1440 Gsync | Fractal R6 | Seasonic Focus Plus 850W | Win10 Pro x64.
 
JJCDAD
Gerbil Jedi
Topic Author
Posts: 1867
Joined: Fri Sep 17, 2004 3:11 pm
Location: Is this heaven? No, it's Iowa.
Contact:

Re: Access to 2 domains from one computer?

Tue Feb 07, 2012 4:39 pm

Thanks for all the great info!

I think I've got him convinced that the easiest thing to do is just use LogMeIn to access local files and email. I installed it today and he's test driving it now. If he decides it won't work for his needs, I'll suggest the VM route.

Thanks again.
 
thegleek
Darth Gerbil
Posts: 7460
Joined: Tue Jun 10, 2003 11:06 am
Location: Detroit, MI
Contact:

Re: Access to 2 domains from one computer?

Wed Feb 08, 2012 12:49 am

frumper15 wrote:
Can you have another client machine on the remote domain set up that you could use remote desktop to access it? I don't know enough about VPN or virtual machines to know if it's inherently more secure or not, but I would think you should be able to establish a secured connection from your local machine configured on your local domain and connect to the remote machine configured and connected to that domain. We use the remote web workplace built into SBS2003 for remote connections to desktop clients running at the office. Alternatively you should be able to set up port forwarding or somesuchthing with VPN to access the remote machine directly from the RDP client on your local machine (ie. remotemachineipaddress:3389). I think you might find performance is much better than VPN for larger files, etc. I used to VPN at work and it was painful working on even modestly sized spreadsheets, etc. vs. just remoting into an available machine for the same work. Just a thought!

I just don't see how that would work AT all.... If you RDP'd into a secure connection via VPN, you essentially are JOINING a domain. So how would that remote computer be able to join a different one then it's already assigned to? Not likely.

JJCDAD wrote:
I think I've got him convinced that the easiest thing to do is just use LogMeIn to access local files and email. I installed it today and he's test driving it now. If he decides it won't work for his needs, I'll suggest the VM route.[

I'm confused. You asked for help. Everyone gave suggestions, and you chose another option that NONE of us suggested. Interesting.

Who is online

Users browsing this forum: No registered users and 1 guest
GZIP: On