MOSS Forum

Ask Question   UnAnswered
Home » Forum » MOSS       RSS Feeds

Forest level trust for SharePoint Access

  Asked By: Ivan    Date: May 15    Category: MOSS    Views: 1782

We have a small remote office that we would like to grant access to our
WSS 3.0 site via the internet. They have their own domain and there is
not a VPN connection between the sites.

Is it possible to add the users from that domain to the WSS 3.0 site
after establishing a one way forest level trust between the two sites?

So that essentially the domain with WSS 3.0 trusts the users from the
remote domain?

Or would I still need to add the users from the remote domain to the WSS
3.0 domain in order to add them to the SharePoint site?

It seems like it should work that way but I haven't seen any
documentation that describes the scenario.



3 Answers Found

Answer #1    Answered By: Alexia Mccarty     Answered On: May 15

SharePoint (WSS and MOSS) don't do authentication themselves, they rely
on IIS and ASP.net for that. IIS will happily authenticate users  from a
trusted domain. From the SharePoint side you'll have to be aware of some
quirks once you introduce a second domain. For instance, imagine
SharePoint is on a domain  called "LOCAL" and your branch office  is a
domain named "REMOTE." If a user is adding someone to a site  and they
simply type "john" if there is a user local\john SharePoint will assign
that user, even if the person that should have been added was
remote\john. STSADM has some People Picker settings that allow you to
tweak some of this behavior.

Answer #2    Answered By: Laquita Mcgowan     Answered On: May 15

That's excellent. I was afraid that I would have to add  them as users  to
"LOCAL" and then maintain semi-static passwords for each user. I knew it
should work  better than that. (Still learning this whole mess).

If instead of just typing "john" they use the search function under "New
user" and search for "John" it should return both LOCAL\John and
Remote\John correct?

I was planning to just create a group of SharePoint users on the REMOTE
domain and add that group to the LOCAL SharePoint site. But knowing I
can do it either way is a relief.

Answer #3    Answered By: Elijah Davis     Answered On: May 15

If the users  are savvy enough they can browse the domains for users, or
use the user's email address or something. It's just a user education

Didn't find what you were looking for? Find more on Forest level trust for SharePoint Access Or get search suggestion and latest updates.