Please help.
(problem data)
I created External trust between
york.local = trusting domain, outgoing, Selective Authentication
tokyo.local = trusted domain, incomming, Domain Wide (no choice)
Selective Authentication.
DNS forwarders on both ends were setup.
I can ping accross both domains.
Problem1
From the internal domain side (chicago) I want to add a universal group from
the trusted domain (tokyo) to a universal group in the chicago domain. When
I open the group and click "add" the tokyo domain is not listed as a choice.
Problem2
When I try to add users or group objects to the share or NTFS permissions of
directories on the chicago server, it ask me for a user name and password
when I try to change the location of objects to tokyo. so i have to have an
admin account on the tokyo domain to see their directory data? what would be
necessary for a chicago domain admin to populate tokyo's AD catalog?
I can however, go the the server object in the chicago domain and choose the
security tab and add a group with the "allow autentication" access control
right from the tokyo domain's AD database. I can see tokyo from there. I
have to do this because I want to only allow users in tokyo to access one
server in chicago which is why I used selective authentication instead of
domain wide. So that part seemed to work.
thanks,
Ben
Bookmarks