Domain authentication without joining the domain
I am DBA in an Active Directory environment. I often work from home using my private PC (I connect via VPN). My private PC is not joined to the Active Directory domain.
Is it possible to use domain authentication on some applications (eg. SQL Server Management Studio, RSAT) without joining the whole computer to the domain?
Have you got any ideas on the topic?
22 Answers
In order to use domain features, you need to have a user present in the active directory.
Your computer does not have to be in the domain. You put your computer in the domain when you want to make login easier, and manage your computer from within the domain.
For example, when a computer is part of a domain, you can access the administrative shares, make someone local admin remotely, check the event log, etc.
When a user logs in on the computer, they login to the domain. Whenever a network connection is made, these credentials can be passed directly to that service if that service uses NTLM login meganism.
So long story short, your computer does not have to be in the domain, you just need to have a username in the active directory.
Sidenote: If your username and password on the local computer account are the same as the one in the Active Directory, it will use that login as valid for the active directory.
4One option is to use runas. The computer does not need to be joined to the domain. An example target for a shortcut:
C:\Windows\System32\runas.exe /netonly /user:domain\user "C:\Program Files\Devart\dbForge Studio for SQL Server\dbforgesql.exe"You will get asked to enter a password before the program runs.
