Merging Multi-Platform Domains

Question

I really did not know how to title this one its quite a complicated one. Or I am just completely overlooking the solution telling me I need to open my eyes.

Scenario:

Two Companies, Company A and Company B

Two Domains, Domain A and Domain B

Two Companies Merge

Domain A is Windows Server Domain Domain B is Mac Server Domain

It was all fine until companies decided to move into one bigger office. :(

One Network, Two Domains, Expanded Subnet(255.255.0.0)

So what we need is to get users on Domain A access to all services on Domain B and vice versa.

Domain A consists of:

8/9 Windows Servers, fileservers, svn, exchange and so on...

Domain B consists of:

Mac Servers, Linux Servers for fileservers, svn, kerio mail and so on...

So the Question is:

How do I get around general authentication for end-users to access file services primarily on domain a or b. They may be setup using ldap on mac or windows active directory. Is there a layer on top that can provide authentication cross all platforms or get the domains to sit nicely together.

Current set-up is have a DMZ setup and vpn into domain b, obviously this is not an acceptable solution so was wondering if anyone knew of a better solution for this scenario or had any information to lead me in the right direction.

Thanks in advanced and thanks for reading and answering.

Answer 1

Read up on "magic triangle" (aka "golden triangle") setups for Mac OS X. A properly designed magic triangle will let your Mac users authenticate to the Windows resources and your Windows users get to the Mac resources. It's not trivial to set up, unfortunately. Have a look at http://images.apple.com/business/solutions/it/docs/Best_Practices_Active_Directory.pdf and see if that helps any.