Windows – Mimic the behavior of a machine added to a domain

Tags: domain, networking, windows

For some reason, the IT department at our company does not want to add Windows 7 and Windows Vista machines to the domain controller.

I hate to always provide my network credentials every time I access a shared folder on a machine that is joined to the domain. I also hate to always provide my password when I launch Outlook or Visual Studio (Team Explorer).

Is there a way to mimic the behavior of a machine that is added to a domain without actually adding the machine in the domain?

For shares, I can create a batch file that will NET USE the different fileservers we use here but that is a huge security risk as I will type my password as plaintext.

Thanks!

Best Answer

Jon was on the right track with Kerberos, but didn't go into specifics.

On the server, you need to create a machine account. Hold on to the password.

You need to map your local account on your box with your account on the domain. From the command line:

ksetup /setrealm YOURDOMAIN.TLD
ksetup /addkdc YOURDOMAIN.TLD yourkdc.yourdomain.tld
ksetup /setmachpassword the-password-from-above
ksetup /mapuser yourdomainaccount@YOURDOMAIN.TLD yourlocalaccount

(the KDC in step two is usually the domain controller)

You can now access all Kerberised services, but your machine has not actually been joined to the domain.
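
The four ksetup steps from the answer above, wrapped as an added PowerShell example (not part of the original answer) that prompts for the machine account password instead of storing it in a batch file, which is the plaintext risk the question raises. The parameter defaults are the answer's placeholders, and `Invoke-Ksetup` is a hypothetical helper name.

```powershell
# Added example, not part of the answer. Run from an elevated PowerShell prompt.
# The defaults are the answer's placeholders; pass your own values.
param(
    [string]$Realm      = 'YOURDOMAIN.TLD',
    [string]$Kdc        = 'yourkdc.yourdomain.tld',
    [string]$DomainUser = 'yourdomainaccount',
    [string]$LocalUser  = 'yourlocalaccount'
)

# ksetup changes machine-wide Kerberos settings, so refuse to run unelevated.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this script from an elevated prompt.'
}

# Hypothetical helper: run one ksetup step and stop at the first failure.
# Assumes ksetup signals failure with a non-zero exit code.
function Invoke-Ksetup {
    param([string[]]$Arguments)
    & ksetup.exe @Arguments
    if ($LASTEXITCODE -ne 0) {
        throw "ksetup $($Arguments[0]) failed with exit code $LASTEXITCODE"
    }
}

# Prompt for the machine account password so it is never saved in a file.
# It is still passed to ksetup as an argument, so process command-line
# auditing (if enabled) will record it for that one invocation.
$secure = Read-Host -Prompt 'Machine account password' -AsSecureString
$bstr   = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($secure)
try {
    $plain = [Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr)
    Invoke-Ksetup '/setrealm', $Realm
    Invoke-Ksetup '/addkdc', $Realm, $Kdc
    Invoke-Ksetup '/setmachpassword', $plain
    Invoke-Ksetup '/mapuser', "$DomainUser@$Realm", $LocalUser
}
finally {
    # Wipe the unmanaged copy of the password and drop the managed reference.
    [Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr)
    $plain = $null
}

# With no arguments, ksetup prints the resulting realm, KDC and user mapping.
& ksetup.exe
```

Restart the machine afterwards; ksetup notes that the realm change needs a reboot to take effect.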
