August 27th, 2003, 05:28 AM
So I register my laptop in AD, join it to the domain, log on with the correct credentials and I should see it? I've tried that but I only get the domain I'm using and local logon.
August 27th, 2003, 06:48 PM
A computer can only be a member of one domain at a time. There is a major difference between computer accounts and user accounts.
The only way you can give a domain account access to a machine is for that particular machine to be a member of that domain, or the domain account has to be in a domain that is trusted by the domain your computer is in, i.e. it is in the same AD forest. If you are working in an AD forest that has multiple domains you will be able to tell because you will be able to select every possible domain you can authenticate with at login by using the dropdown domain select box.
There is no way to have a computer that is in domain A authenticate an account from domain B without a trust existing between the two. So you cannot take a computer that is a member of domain A and has permissions for users in domain A and log in with an account from domain B. Win2k, XP and Win2k3 only have the ability to read data (authentication) from 1 Active Directory domain controller at a time.
If you want to get your authentication from a different AD forest you would have to join the new forest which would delete the computer account SID from the first forest. Windows natively does not have the ability to hold multiple computer account SIDs which is the reason it will not allow you to join multiple forests.
Also, in case you were not aware, you do not have to use the dropdown box if you know the name of the domain. For instance, if I have account johndoe in domain abc I could type abc\johndoe as the user name and it will automatically go to the proper domain. You can also use johndoe@abc to the same effect. It is possible to turn off these different domain designations so in some cases this may not work for you.
I'm sure that there is software available to switch your machine between domains as it is possible to control domain membership programmatically.
So you could create a computer account in each of the different domains that you need access to and then change the domain membership of the machine as needed. However, you cannot authenticate to multiple domains without making a change on the computer you are using.
Yet another thought on this matter. Since the computer account password changes automatically, and there is no real way, other than brute force hacking, to get the password, you will have to take the information presented in this article into consideration. Resetting the password is easy, but you will need to know the password in order to re-join a domain. That is if you want to try and program this yourself.
Yet another article of interest about the netdom command line tool.
August 28th, 2003, 04:06 AM
OK, I had this exact same problem not long ago.
And funny enough though, I found that the program (PC ANYWHERE) worked...
You actually don't need any credentials, you just gotta know the passwords that are used to log onto that particular computer that you are trying to access.
Anyhow, cheers, hope this info might help.