对另一个Active Directory域的ASP.NET Windows身份验证 [英] ASP.NET Windows authentication to another Active Directory domain

问题描述

我们在Server1上运行了ASP.NET Web应用程序. Server1在Windows Active Directory域Domain1中.

We have ASP.NET web application running on Server1. Server1 is in Windows Active Directory domain Domain1.

我们希望让用户在Domain2中进行设置，以便能够使用针对Domain2的Windows身份验证来访问我们的Web应用程序. 任何可以通过Domain2进行身份验证的用户都应该能够访问我们的应用程序.

We would like to have users setup in Domain2 to be able to access our web application using Windows Authentication against Domain2. ANY user who can authenticate to Domain2 should be able to access our application.

Domain1和Domain2在同一LAN上，但是这两个域之间没有信任关系或其他任何关系. Domain1的计算机可以路由到Domain2并从Domain2访问计算机(反之亦然) -域之间没有防火墙.

Domain1 and Domain2 are on the same LAN but there is no trust or any other relationship between these 2 domains. Computers from Domain1 can route to and access computers from Domain2 (and the other way around) - there are no firewalls between domains.

可以做到吗?我找到了以下示例: http://msdn.microsoft.com/zh-CN/library/ff650307.aspx ，但似乎所有域都必须位于同一林中，而对于我们的设置而言并非如此:

Can this be done? I found this example: http://msdn.microsoft.com/en-us/library/ff650307.aspx but it seems all domains have to be in the same forest which is not the case for our setup:

... 步骤3.将Web应用程序配置为使用ActiveDirectoryMembershipProvider

标识您的应用程序在Active Directory林中支持的所有域...

Identify all the domains that your application supports in your Active Directory forest ...

推荐答案

不，不能.必须存在信任.

No, it can't. There must be a trust in place.

这篇关于对另一个Active Directory域的ASP.NET Windows身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！