RE: External Trust - Can't see share contents

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

A group from the remote domain was added to the ACL of the share to
accomplish this task.
In this case, the trust relationship passed through the credentials that did
not have any access in our domain.
The other remote sites that are prompted for a username and password do not
have a trust relationship with us. A trust eliminates the need for additional
prompting (by design) and allows the remote administrator to control access
to the share by group membership.

--
BStillion
Portland ME


"bstillion" wrote:


Goal: users in another forest can browse to a server share to view the
folders contents. The user should browse to \\servername\share and be
prompted for
username and password. There are local accounts on the server that then allow
them to access the share.

Environment
Windows Server 2003 Domain with an External Trust to the remote domain.
Connection is a point-to-point (TLS) being used primarily to store/retrieve
information on the servers here from the users there and is working fine.

Remote user experience
user can browse to server, but when they double click the share they get
an "Access Denied" error.

Troubleshooting steps taken
Share and NTFS permissions have been checked numerous times and
are Share = Local group with local accounts have Change. NTFS = Local group
with local accounts have Modify access.
Confirmed "Selective Authentication" is applied to the External Trust but
cannot add the "allow to authenticate" permission to the local group (can't
browse to it.)
Confirmed that no ACL or firewall settings are blocking access or
authentication.
Got this to work from another domain but don't see the difference between
the trusts.

Any help is greatly appreciated.
--
BStillion
Portland ME
.

Relevant Pages

  • Re: External Trust - Cant see share contents
    ... We placed a global group from the other domain into the ACL of the resource ... Windows Server 2003 Domain with an External Trust to the remote ... are Share = Local group with local accounts have Change. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Trust requirements for TS License Server in a different domain
    ... Licensing Server needs to trust the domain containing the Terminal ... only thinking about the Terminal Server and the TS Licensing ... have to be in trust relationship with License Server Domain ...
    (microsoft.public.windows.terminal_services)
  • Re: Not able to establish trust with another window 2003 domain
    ... The time of the two server is the same. ... MVP - Directory Services ... I had follow exactly the same that stated in your article but still fail. ... I try to remove the trust that created at my Source and re-create again. ...
    (microsoft.public.windows.server.active_directory)
  • Re: OLAP and VPN / authentication / trust
    ... You need Network 2 to trust Network 1 users to access the resources on ... This is the essence of a "Trust Relationship". ... attempt to connect to a SQL server on Network2 using credentials like ...
    (microsoft.public.sqlserver.olap)
  • Re: Trust Issues
    ... sharepoint and Project Server... ... I set a one way external trust between the great domain and one ... > since it is hard to determine if the VMWare image, ... These two systems are the virtual machine in VMware. ...
    (microsoft.public.windows.server.general)