I'm in the process of establishing a domain trust with a third party, allowing their users to log into an application using our primary domain accounts. This will be my first time setting up a domain trust, and I have a few critical questions. Given that this app is legacy software and the business has committed to a multi-year contract without involving IT, I need some clarity on the following points:
1. Can we limit access for the third party to only certain domain controllers, making them read-only? My understanding is that all domain controllers need to communicate with one another.
2. Is there a way to restrict who among their users can authenticate with our domain?
3. Can we control what they can see or access within our domain?
Any insights or advice would be greatly appreciated. Thanks!
1 Answer
Honestly, this sounds like a tricky situation. If the business went ahead without IT's involvement, that’s a red flag. Typically, you wouldn't want to allow a third party full access to your domain. I suggest creating a separate domain specifically for this purpose, where users can have unique usernames and passwords just for this application.
