In my company we have a very complex infrastructure.
We are from a subcompany, and we have a Active Directory Domain, configured in our PC's. Otherwise, all of us, have a Directory account for main company for access some resources and websites from main Company, and another Directory Account for accesing some resources from other subcompany.
Our subcompany Domain is not into the main Company forest, and can not be changed, and we can not enable a trust beetween domains, and change the main company resoucres, Enterprise policy :(
What we link to do is create some kind of browser component, or windows service, to map our company account to main company account, because computer users do not have to enter main company credentials every time they access recources (all main company resources uses windows authentication).
We can not use shadow accounting, because the usernames are not the same.
I see the online ID providers feature in Windows 7, and I don't know if we can use that for windows authentication on browsers, to map diferent accounts.
Any of you have an idea on where we could start ? Or some kind of solution for this problem ? Thanks for all