Sounds like they really need federated directories... * *
*ASB* *http://XeeMe.com/AndrewBaker* *Harnessing the Advantages of Technology for the SMB market… * On Fri, Nov 18, 2011 at 5:29 PM, Graeme Carstairs <[email protected]>wrote: > We have a project in hand that the client is looking for someway to do > either of the following 2 optons for authenticating 3rd party contractors > who need access to the system. > > 1. An authenticaiton database and system that doesnt store the user > accounts in AD and uses an alternative user account system but still has > the capability to allow access as if it was a main AD account to file > shares, applications and even Exchange if requried. > 2. A second domain for the 3rd party contractos with a trust. > 3. Locked down OU, with the accounts not having domain users and was > mentioned but not decided as absolutely must have "authenticated user" > rights. > > I think 3 will be the easiest to manage on going, but the client has > expressed that they would like it to be systematically controlled by the > software and not just left to the people creating accounts in case > something is missed. > > Does that help :) > > Graeme > > > On 18 November 2011 21:51, Rankin, James R <[email protected]> wrote: > >> ** >> I'd love to hear what you need to do that for >> Sent from my SR-71 Blackbird >> ------------------------------ >> *From: * Graeme Carstairs <[email protected]> >> *Date: *Fri, 18 Nov 2011 21:28:04 +0000 >> *To: *NT System Admin Issues<[email protected]> >> *ReplyTo: * "NT System Admin Issues" < >> [email protected]> >> *Subject: *Can you have all members of and OU automatically not be >> members of Domain users >> >> Hi There, >> >> The subject line says it all >> >> We are looking for away to systematically make and OU that if you create >> a user in it, it will have a group say "SecGroup1" as its primary group, >> and not have membership of Domain Users. >> >> The idea is for a specific OU that users created in it, will never be >> members of Domain Users, and even if the membership is added to the user >> once created will be removed, or be unable to be added. >> >> Thanks >> >> Graeme >> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
