Re: Using Computers In Trusted Domain, Logons To Trusting Domain Fails


"L.D.Hansen" <L.D.Hansen@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:F76E2B98-ABC6-453E-BBF7-60B17C5CAEF0@xxxxxxxxxxxxxxxx
Generic Problem-Description

With a 1-way trust established between the trusting and the trusted
Domains
in a Forest of 2 Domains,

Forest domains have an AUTOMATIC, TWO-WAY trust effective
between all domains in the forest.

using computers in the trusted Domain, user logon
to the trusting Domain fails but using computers in the trusting Domain,
user
logon to either the trusting or trusted Domain succeeds.

That is what it means to trust a domain; the domain with resources
(computers etc)
allows logon for people in a TRUSTED domain.

The trusted domain is trusted to authenticate the users.


--
Herb Martin, MCSE, MVP
http://www.LearnQuick.Com
(phone on web site)

Background

The current Forest of 2 Domains "SCS" and "GSCSStudents" wherein
GSCSStudents trusts SCS but SCS does not trust GSCSStudents, uses DCs
SCS.Sk.Ca\Speedy (Win2K - the originating DC) to which was added DC
SCS.Sk.Ca\Gemini (Win2K3 - contains master-files) to which was added DC
GSCSStudents.Sk.Ca\Students (Win2K3) to which was added DC
GSCSStudents.Sk.Ca\UserMgr (Win2K3).


Detailed Problem Description

Using a computer that is joined to the SCS Domain, one can successfully
logon to the SCS Domain using an account in the SCS Domain but cannot use
that computer to logon to the GSCSStudents Domain using an account in the
GSCSStudents Domain.

However, using a computer that is joined to the GSCStudents Domain, one
can
successfully logon to the GSCSStudents Domain using an account in the
GSCStudents Domain and also use that computer to logon to the SCS Domain
using an account in the SCS Domain.

If the SCS and GSCSStudents Domains are configured with 2-way trusts
between
them, this problem does vanishes.

Comments and suggestions to solve this problem are appreciated.





.

Relevant Pages

  • Re: 2 Men Arrested in Missouri Girls Death
    ... I'm not going to sit here and rip this woman apartbut there was a video clip where she said she didn't trust her husband, ... It could be more along the lines of her not trusting he won't cheat on her or steal money. ... I suppose it could be she suspected that, but I am waiting to hear more about the distrust comment she made before deciding how I feel about her now. ...
    (alt.true-crime)
  • RE: incoming and outgoing trusts
    ... to use User Domain and Resource Domain (Trusting) as it makes it ... It should also be noted that your concept of administering the trust is also ... rights directly to resources. ... authenticated by passing authentication thru to the trusted domain--into the ...
    (microsoft.public.windows.server.active_directory)
  • Re: OT No sign of panic buying here...
    ... what would your first reaction be: ... trust them, because they've always told the truth in the past ... The way we're all trusting US intelligence, post-Iraqi-WMDs, concerning ...
    (uk.media.tv.misc)
  • Re: [SLE] Signing pgp/gpg keys [Was: crontab help]
    ... Nor do the given "levels of trust". ... "identical" trusting. ... One such Boolean, but experientially concrete ... selection would be far more meaningful than an abstract scale with lots ...
    (SuSE)