2域没有信任的Windows身份验证 [英] Windows Authentication between 2 domains without trust

问题描述

我们对域A与运行工作的Windows身份验证asp.net web应用程序。

We have asp.net web application running on Domain A with working Windows Authentication.

我们的客户现在希望从域B验证用户到这个网站，但我们不会允许有域A与域B

Our customer now wants to authenticate users from Domain B to this website, but we are not allowed to have trust between Domain A and Domain B.

Windows身份验证不需要从域B的用户，但Windows身份验证域A应该仍然工作。

Windows Authentication is not required for the users from Domain B, but Windows Authentication for Domain A should still work.

有谁知道这是可能的吗？

Does anyone know if this is possible to do?

我们正在使用的.NET Framework 4.0。

We are using .net framework 4.0.

推荐答案

有关这些用户的域A创建受限帐户是什么？

什么在为这些用户域A的服务器上创建本地帐户？

或者，你可以使用活动目录联合服务

what about creating restricted accounts in the domain A for these users?
what about creating local accounts on the server in domain A for these users?
or, you can use Active Directory Federation Services

这篇关于2域没有信任的Windows身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！