Not sure about DNN4, but there is a line in the web.config that allows you to change the SQL connection to the membership database. I have not tried it, but technically you should be able to setup an alternate connection string and apply it to your membership provider. sdsd
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="SiteSqlServer" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="0" requiresUniqueEmail="false" passwordFormat="Hashed" applicationName="DotNetNuke" description="Stores and retrieves membership data from the local Microsoft SQL Server database" />
If this doesn't work, you will have to implement services on the the first DNN instance that can validate users and create a custom authentication provider for your second DNN instance that replaces the login process and uses the services to validate user credentials.