Wireless Access over a One Way Domain Trust Possible? RRS feed

  • Question

  • Hi all,

    I've just started working for a new company and have a project handed to me.  We are providing services for another company which includes Email, Internet, Backups and Monitoring.  My thinking is a One Way Non Transitive External Trust.  I'm trying to keep things as simple as I can.

    Domain LC will be providing the services for Domain NW

    I have created their accounts on our domain with mailboxes and disabled the accounts.  I'm using the external associated account function for Exchange access and adding their NW accounts into the permissions.  Next I'll configure a GPO on their domain to point to our Proxy server for Internet.  Should be able to put their NW accounts into an LC security group and feed that to our proxy.  Server Monitoring is via SCCM and SCOM or a Third Party OPManager tool.  We have an admin account on their domain we can use which is also a Local admin on the servers and clients.  That should sort out any server monitoring issues.

    Today I got asked if we could also provide them Wireless Access so staff can bring their own devices to work.  I'm not sure to what level of functionality they require so I am just looking to provide Internet access at this point.

    My plan is as follows:

    LC Domain (Trusting Domain)

    NW Domain (Trusted)

    The Wireless Access point will be installed into the NW domain and set to WPA2 Enterprise Encryption sharing the key with a NPS 2008 R2 server.  I'm not sure if the NPS server can be on our domain or theirs?  also I'm not sure where its physical location would be.  Ideally I'd like it here on our HV cluster if possible.

    Does anyone know if this is at all possible?  Whatever we do needs to be simple as if we loose the contract we need to quickly 'unhook' everything.


    Thursday, February 14, 2013 11:13 AM