Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 2232 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Passthru for remote management console

Uncle_Ben

Hi,

As told by the Sophos guy that, we have to build up a AD trust between the HQ & Remote offices before the allowing the remote admin pc to monitor their own PCs via the management console. However, because of some reason we cannot build up the trust relationship.

I just thought, does it works if I setup a passthru a/c for the remote PC on the Sophos Server in HQ, and then install the remote managment console on the remote admin pc which is login with a domain a/c AND there is a same user a/c same pwd as the domain one? Does it works once I permit the same local a/c on the Sophos Server and put it to the proper role / group ?

:4590


This thread was automatically locked due to age.
Parents
  • 0

    Well ... the basic requirement is that you can connect to SERVER.AD1.your.com from PC.AD2.your.com, for example \\SERVER.AD1.your.com\SomeShare. It there is a trust this should work without specifying "different credentials". Otherwise you have to specify an account from AD1 (assuming you permit access from outside the domain).  As said in the thread you'd save these credentials for accessing SERVER. The AD1 user must belong to required groups (the same requirement as for using a remote console inside AD1).

    If you open the console on PC it should tell you that the user is not assigned to a sub-estate. On SERVER using SEC you open Manage roles ..., Edit the desired role, Add... and in the Enter the object names ... pane  you type AD2.your.com\abc (or perhaps abc@AD2.your.com). It will prompt you for credentials to access the user information on AD2 and then add the user.

    Christian   

    :4605
Reply
  • 0

    Well ... the basic requirement is that you can connect to SERVER.AD1.your.com from PC.AD2.your.com, for example \\SERVER.AD1.your.com\SomeShare. It there is a trust this should work without specifying "different credentials". Otherwise you have to specify an account from AD1 (assuming you permit access from outside the domain).  As said in the thread you'd save these credentials for accessing SERVER. The AD1 user must belong to required groups (the same requirement as for using a remote console inside AD1).

    If you open the console on PC it should tell you that the user is not assigned to a sub-estate. On SERVER using SEC you open Manage roles ..., Edit the desired role, Add... and in the Enter the object names ... pane  you type AD2.your.com\abc (or perhaps abc@AD2.your.com). It will prompt you for credentials to access the user information on AD2 and then add the user.

    Christian   

    :4605
Children
No Data