There is a business initiative to install a Dev SharePoint 2007 server in our trusting domain. My internal corp network will be Corp.COM. The 3rd party network will be 3rd.COM. Currently 3rd.COM has a one-way external trust pointing inward to Corp.com.
Corp.COM Domain and Forest levels are Windows 2003. 3rd.com Domain level is Windows 2000 Mixed and the Forest is Windows 2000.
The Dev SharePoint server is located in the 3rd.Com domain and the consultant is trying to import Corp.com users by pointing the user profile connection to Corp.com Active Directory. Needless to say, this will fail because there is a one-way trust in place so 3rd.com users are allowed to read Corp.Com Active Directory. Not to mention there are no firewall ports open for this anyway. My questions are...
How can we securely allow this SharePoint server in 3rd.com to import users from Corp.com?
Ideally we would like to use a service account from Corp.com to import the accounts. We would also like to either
(A) encrypt the SharePoint server's communication to our Corp.com Active Directory. Because there are two firewalls between the trust, ports would be specifically opened from SharePoint server <-> Corp.com DC
(B) somehow use the existing trust to facilitate this procedure. No additional ports opened on the firewalls.