Authenticating users and security without a domain

[Guest AKP]

Hi -

 

I have a large client that has decided that they no longer want their remote

offices to have their own domains but all the file servers are to be just

that file and print servers. I have always set up a local domain and treated

them as individual entities with only email being handled at the

organizational level.

 

They are a social service agency that I believe needs a level of security to

keep their documents and files and local databases secure. (and they SHOULD

be HIPAA compliant).

 

How do I authenticate users and set up security in such an environment. Is

it possible and am I missing the very obvious? Their systems administrator

in corporate told me to just make them file servers and the security will

work... but he has no clue as to how and I am so used to setting up a domain

controller with active directory that I am baffled. Help?!?!?

 

Thanks - AKP

[Guest net_admin]

RE: Authenticating users and security without a domain

 

Your post is a bit confusing.

When you say local databases, what do you mean?

 

--

NetAdmin <São Paulo, BR>

"Das ist nicht mein bier... arschloch."

[Guest AKP]

RE: Authenticating users and security without a domain

 

Sorry... by local databases I mean applications that will be running on the

local fileserver and data is shared by all users in this remote location (as

opposed to databases that are served in the corporate administrative offices-

which are accessed by VPN). Does that help?

AKP

 

"net_admin" wrote:

> Your post is a bit confusing.

> When you say local databases, what do you mean?

>

> --

> NetAdmin <São Paulo, BR>

> "Das ist nicht mein bier... arschloch."

>

[Guest net_admin]

RE: Authenticating users and security without a domain

 

If I understood that correctly, you can use groups to control access to

servers and files. Did that help?

 

--

NetAdmin <São Paulo, BR>

"Das ist nicht mein bier... arschloch."

[Guest vidguide2@gmail.com]

Re: Authenticating users and security without a domain

 

On Sep 5, 1:20 am, AKP <A...@discussions.microsoft.com> wrote:

> Hi -

>

> I have a large client that has decided that they no longer want their remote

> offices to have their own domains but all the file servers are to be just

> that file and print servers. I have always set up a local domain and treated

> them as individual entities with only email being handled at the

> organizational level.

>

> They are a social service agency that I believe needs a level of security to

> keep their documents and files and local databases secure. (and they SHOULD

> be HIPAA compliant).

>

> How do I authenticate users and set up security in such an environment. Is

> it possible and am I missing the very obvious? Their systems administrator

> in corporate told me to just make them file servers and the security will

> work... but he has no clue as to how and I am so used to setting up a domain

> controller with active directory that I am baffled. Help?!?!?

>

> Thanks - AKP

 

If you disable the domain controller, the machines will continue to

work for a while using cached credentials. Eventually these will

expire.

 

Your options are:

1) use local users .. no central way to manage this, but it restricts

people to specifc PCs quite simply.

2) merge into one large domain via the VPN. It will be slow, and the

machines at each site could still be domain servers, just not the

primary. This would aleviate most of teh speed issues, while still

allowing you to centrally manage everyone

3) find out why the hell they dont want domains there anymore, that

seems rather a step backwards..