Connect to a non-domain client from a domain computer BUT as domain user? (Windows RDP)

windows-10 windows remote-desktop active-directory

Solution 1:

A computer that is not domain-joined cannot be managed through an Active Directory, but it is possible to remote manage these computers upto a certain degree.

Even though these computers are not domain-joined, if you create a local user that has an identical username and password as stored in the Active Directory, a user can login seemlessly to that computer as it will first try to authenticate with the username/password that was used to login to the computer. The system is smart enough to not submit the domain too, so as long as the username and password in the Active Directory domain are also present for the local user on that computer, that user can seemlessly login and there is no need to share extra username/password combination.

It becomes more tricky when the AD credentials change, eg. the user changed his password. Then, it no longer matches, and the user will get a prompt to enter their password. The user then can enter their old password to connect until the password is changed on that pc.

If you want a seamless experience, you will have to domain-join the target computer to a domain. You can of course have multiple domain controllers in a forest and have them sync the users across the entire forest, allowing you to have 2 different domain controllers, one for each location. Alternatively, you can also just use one domain controller in one area, and use enterprise-grade routers to create tunnels between locations, such that all computers can be domain joined. This is a common and safe way to do this. A user changes their password, doesn't matter, they can still RDP into the new location without a problem.

Obviously, given that local users and groups don't sync to an active directory on a non-domain-joined pc, its not possible to control access without some weird scripting to remotely manage those non-domain-joined pc's. If the pc's are domain-joined, then it is just a matter of assigning rights to a user and manage access through groups.

Related

Inequality : $\Big(\frac{x^n+1+(\frac{x+1}{2})^n}{x^{n-1}+1+(\frac{x+1}{2})^{n-1}}\Big)^n+\Big(\frac{x+1}{2}\Big)^n\leq x^n+1$
Is there an infinite set of finite strings such that no element is a subsequence of another?
How to prove that for $a_{n+1}=\frac{a_n}{n} + \frac{n}{a_n}$ , we have $\lfloor a_n^2 \rfloor = n$?
Compact submanifolds of $\mathbb{R}^n$ without boundary
Energy functional in Poisson's equation: what physical interpretation?
Ring of Polynomials is a Principal Ideal Ring implies Coefficient Ring is a Field?
Is the Pythagorean closure of $\mathbb Q$ equal to the field of constructible numbers?
Computer Algebra: Algorithms for solving equations symbolically
Ext between two coherent sheaves
Clausen and Riemann zeta function
Numerical Approximation of the Continuous Fourier Transform
Closed form for $\int_1^\infty\int_0^1\frac{\mathrm dy\,\mathrm dx}{\sqrt{x^2-1}\sqrt{1-y^2}\sqrt{1-y^2+4\,x^2y^2}}$