Same name for workgroup and AD domain?

Discussion in 'Security Software' started by Kurt Ehland, May 22, 2006.

  1. Kurt Ehland

    Kurt Ehland Guest

    We have some machines on our network that belong to a workgroup with the same
    name as our Windows AD domain. Are there any security issues that may affect
    our domain controllers if a workgroup with the same domain name exists?

    Thanks,

    Kurt
     
    Kurt Ehland, May 22, 2006
    #1
    1. Advertisements

  2. It is possible to have both of them having the same name.

    If the workgroup name matches a domain name, then the computer name appears
    in the browse list for that domain.

    If a pc has 2 nic, one has address to the workgroup and the other has the
    address to the domain, you will be able to connect to both at the same time.

    HTH.
     
    Wong Tuck Wah, May 22, 2006
    #2
    1. Advertisements

  3. In
    Yes, you will probably have security issues, but they aren't related to the
    naming convention for the workgroup...they're related to the fact that
    non-domain computers are sharing the network with your servers/domain
    computers.

    If they can't be joined to the domain for some reason, I'd probably want to
    isolate them on a VLAN or separate switch so they can't touch the
    domain...although my first choice would be to join them to the domain if
    they're related to your business at all.

    At the very least, make sure the computer browser service is stopped &
    disabled on these workstations, if they must remain on the same network - or
    you'll likely run into master browser problems. I tend to do this for domain
    computers as well (via GPO) as a matter of course....it's probably
    old-fashioned of me, but it works.
     
    Lanwench [MVP - Exchange], May 22, 2006
    #3
  4. Kurt Ehland

    S. Pidgorny Guest

    There is no security issue apart from apparently bad system administration
    of the infrastructure in question.
     
    S. Pidgorny, May 23, 2006
    #4
  5. Assuming users in the workgroup do not have a user account with the same
    password that exists in the domain there are no security implications from
    that alone. In My Network Places the computers from both will appear under
    the same domain/workgroup name. --- Steve
     
    Steven L Umbach, May 25, 2006
    #5
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.