Re: Child Domain access

"Pscyime via WinServerKB.com" <forum@xxxxxxxxxxxxxxx> wrote in message
news:51C5B3F23F3E8@xxxxxxxxxxxxxxxxxx
>
> Hi
>
> I posted this qn as part of a thread on a dns issue I had in the
> windows200
> dns NG ,however this i think is a more appropriate location - apologies
> Ace
> if this is classed as a x post but what i started as a DNS issue I think
> now
> maybe more AD than DNS
>
> I have created achild domain and user's who have enterprise and/or domain
> admin rights in the parent cannot login to the child domain, their user
> accounts dont appear in the users container when I look in the child
> domain
> ADUC
>
> I have looked at replmon and there dont appear to be any replication
> issues
> so what could be causing this?
>
> I can create user directly in the child domain and login but surely an
> enterprise admin should be able to login anywhere in the domain/forest
> right?
>
> Your time and ideas are greatly appreciated cus i cant find any info on
> why
> this may happen, i guess it is a replicaiton issue but there are no
> replication errors, when i create a user of the same name in the child
> domain
> i get errors in the event log(error 11 source KDC)
>
> Help, i am at a loss and getting kinda frustrated.(er oops thats a
> different
> issue all together..lol)
>
> Here's hoping...
>
> Kind regards
>

There is no replication issue here. Everything is working exactly as it
should.
You can be authenticated by any domain that you have credentials in.
So you logon TO A PC - using a set of credentials from a particular domain
that can be reached by trust relationships to authenticate your account.
So you can logon to any PC in the forest using your domain credentials from
any specific domain using your fully qualified domain name or by using the
drop down box to select the domain to authenticate you .

If this does not make sense then you need to do more reading on the way
authentication works in an AD forest - there are lots of articles about this
online in TechNet.

--

Regards,

Mike
--
Mike Brannigan [Microsoft]

This posting is provided "AS IS" with no warranties, and confers no
rights

Please note I cannot respond to e-mailed questions, please use these
newsgroups

"Pscyime via WinServerKB.com" <forum@xxxxxxxxxxxxxxx> wrote in message
news:51C5B3F23F3E8@xxxxxxxxxxxxxxxxxx
>
> Hi
>
> I posted this qn as part of a thread on a dns issue I had in the
> windows200
> dns NG ,however this i think is a more appropriate location - apologies
> Ace
> if this is classed as a x post but what i started as a DNS issue I think
> now
> maybe more AD than DNS
>
> I have created achild domain and user's who have enterprise and/or domain
> admin rights in the parent cannot login to the child domain, their user
> accounts dont appear in the users container when I look in the child
> domain
> ADUC
>
> I have looked at replmon and there dont appear to be any replication
> issues
> so what could be causing this?
>
> I can create user directly in the child domain and login but surely an
> enterprise admin should be able to login anywhere in the domain/forest
> right?
>
> Your time and ideas are greatly appreciated cus i cant find any info on
> why
> this may happen, i guess it is a replicaiton issue but there are no
> replication errors, when i create a user of the same name in the child
> domain
> i get errors in the event log(error 11 source KDC)
>
> Help, i am at a loss and getting kinda frustrated.(er oops thats a
> different
> issue all together..lol)
>
> Here's hoping...
>
> Kind regards
>
> Si
>
>
> --
> Message posted via WinServerKB.com
> http://www.winserverkb.com/Uwe/Forums.aspx/windows-server-ad/200507/1


.