Re: Trust relationship issue?
- From: "Paul Bergson" <pbbergs@xxxxxxxxxxxxx>
- Date: Tue, 23 Dec 2008 08:47:42 -0600
I would use domain local groups within the resource domain and grant these domain local groups access to the resources (All users from both domains in one of these groups to test the effectiveness). Use universal groups from the domain the users belong to and place the universal groups within the domain local groups. Also check to make sure port 1433 is open between the two domains.
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup This
posting is provided "AS IS" with no warranties, and confers no rights.
"Carlos Felipe França da Fonseca" <carlosfelipefranca@xxxxxxxxx> wrote in message news:uKIH1nQZJHA.5196@xxxxxxxxxxxxxxxxxxxxxxx
My problem is related to SQL Server.
Many users are having access denied, even being members of a Windows group which has access to the SQL Server 2000 SP4 instance.
They can access the instance only if I explicitly add a login for each user.
I'm sure that there is no group with Deny Access.
The SQL Server is member of domain A and the groups mentioned and their membership are members of domain B.
I know there is an external trust relationship between A and B. Users from A cannot access domain B, but domain B can access resources on domain A.
Logins created for groups from the same domain (A) as the server are working correctly. Only groups from the other domain (B) are not working.
Can it be related to trust relationship?
Does anybody know why it's happening?
.
- References:
- Trust relationship issue?
- From: Carlos Felipe França da Fonseca
- Trust relationship issue?
- Prev by Date: Trust relationship issue?
- Next by Date: Re: SID not resolving to Username
- Previous by thread: Trust relationship issue?
- Index(es):
Relevant Pages
|
