1

Topic: Question about AD and VPN

Greetings to all. The question is more , but I will ask nevertheless here. There is a corporate network with Active Directory. Access to it appears after setting VPN of connection. For this purpose I have a login/password and  the client. Further, me produced  CORPORATE_DOMAIN\Vasya which is made by the local administrator on one of hosts in this network. Accordingly, I can come on RDP on this host. And a question here in what. Whether I can, after setting VPN of connection, launch on the computer process on behalf of CORPORATE_DOMAIN\Vasya? Foreseeing a question what for I will tell that in this network still there is a SQL Server on which "Vasi" have rights, but there only Windows Authentication. It would be much easier to launch by the local machine for example SSMS and to walk on bases, than to climb on RDP and to launch SSMS there. Thanks.

2

Re: Question about AD and VPN

Hello, SergASh, you wrote: SAS> Greetings to all. SAS> the question is more , but I will ask nevertheless here. SAS> There is a corporate network with Active Directory. SAS> Access to it appears after setting VPN of connection. For this purpose I have a login/password and  the client. SAS> further, me produced  CORPORATE_DOMAIN\Vasya which is made by the local administrator on one of hosts in this network. SAS> accordingly, I can come on RDP on this host. SAS> and a question here in what. Whether I can, after setting VPN of connection, launch on the computer process SAS> on behalf of CORPORATE_DOMAIN\Vasya? SAS> Foreseeing a question what for I will tell that in this network still there is a SQL Server on which "Vasi" have rights, SAS> but there only Windows Authentication. It would be much easier to launch by the local machine for example SAS> SSMS and to walk on bases, than to climb on RDP and to launch SSMS there. SAS> Thanks. runas/netonly/user:domain\username ssms.exe

3

Re: Question about AD and VPN

Hello, SergASh, you wrote: SAS> Greetings to all. SAS> the question is more , but I will ask nevertheless here. SAS> There is a corporate network with Active Directory. SAS> Access to it appears after setting VPN of connection. For this purpose I have a login/password and  the client. SAS> further, me produced  CORPORATE_DOMAIN\Vasya which is made by the local administrator on one of hosts in this network. SAS> accordingly, I can come on RDP on this host. SAS> and a question here in what. Whether I can, after setting VPN of connection, launch on the computer process SAS> on behalf of CORPORATE_DOMAIN\Vasya? SAS> Foreseeing a question what for I will tell that in this network still there is a SQL Server on which "Vasi" have rights, SAS> but there only Windows Authentication. It would be much easier to launch by the local machine for example SAS> SSMS and to walk on bases, than to climb on RDP and to launch SSMS there. SAS> Thanks. It is possible

4

Re: Question about AD and VPN

Hello, SergASh, you wrote: SAS> There is a corporate network with Active Directory. SAS> Access to it appears after setting VPN of connection. For this purpose I have a login/password and  the client. SAS> further, me produced  CORPORATE_DOMAIN\Vasya which is made by the local administrator on one of hosts in this network. SAS> accordingly, I can come on RDP on this host. SAS> and a question here in what. Whether I can, after setting VPN of connection, launch on the computer process SAS> on behalf of CORPORATE_DOMAIN\Vasya? Only if your computer is included in domain SAS> Foreseeing a question what for I will tell that in this network still there is a SQL Server on which "Vasi" have rights, SAS> but there only Windows Authentication. It would be much easier to launch by the local machine for example SAS> SSMS and to walk on bases, than to climb on RDP and to launch SSMS there. Launch SSMS by the local machine, and in credential manager register login and the password to the server do not forget to specify port (type, megaserver.corporate.net:1433) and the domain of the user

5

Re: Question about AD and VPN

Hello, vmpire, you wrote: SAS>> And a question here in what. Whether I can, after setting VPN of connection, launch on the computer process SAS>> on behalf of CORPORATE_DOMAIN\Vasya? V> Only if your computer is included in the domain you are assured of necessity of this requirement?

6

Re: Question about AD and VPN

Hello, Tanacet, you wrote: SAS>>> There is a corporate network with Active Directory. SAS>>> Access to it appears after setting VPN of connection. For this purpose I have a login/password and  the client. SAS>>> further, me produced  CORPORATE_DOMAIN\Vasya which is made by the local administrator on one of hosts in this network. SAS>>> accordingly, I can come on RDP on this host. SAS>>> and a question here in what. Whether I can, after setting VPN of connection, launch on the computer process SAS>>> on behalf of CORPORATE_DOMAIN\Vasya? V>> Only if your computer is included in domain T> you are assured of necessity of this requirement? Not on 100 %, but it seems to me quite logical: to launch process on the computer the user of process should on it somehow . For this purpose  authentication authority. To that can serve either local SAM or the domain controler. But that the computer "trusted" the domain, it should be included in it. Or the domain, is included in which computer, should trust the domain in which there is a user.

7

Re: Question about AD and VPN

Hello, vmpire, you wrote: T>> you are assured of necessity of this requirement? V> not on 100 %, but it seems to me quite logical: to launch process on the computer the user of process should on it somehow . For this purpose  authentication authority. V> to That can serve either local SAM or the domain controler. V> but that the computer "trusted" the domain, it should be included in it. V> or the domain, is included in which computer, should trust the domain in which there is a user. I do not think. Is Kerberos.