+ Reply to Thread
Results 1 to 7 of 7
  1. Senior Member
    Join Date
    Jan 2003
    Location
    Orange County, CA.
    Posts
    337

    Certifications
    A+, Network+, MCP - Windows XP, MCSA - Windows Server 2003, MCTS - Exchange Server 2007
    #1

    Default Cannot grant access to users from trusted domain

    I just set up a 2-way trust between two forests. When I log onto a DC in Domain A and attempt to add users from Domain B, I get nothing.

    For example, I attempted to add an account from Domain B to the Remote Desktop Users group on Domain A which is in a trusted forest, I click Locations and the other domain is in the list but when you click the plus sign to expand, nothing appears.

    Anyone have experience with setting this up?
    Reply With Quote Quote  

  2. SS -->
  3. mikej412's caddy sprkymrk's Avatar
    Join Date
    Feb 2006
    Location
    Charleston, SC
    Posts
    4,976

    Certifications
    MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+
    #2
    Have you created global or universal groups? You need a universal group to add users from other domains. However, best practices state that you should create domain local groups, then add universal groups to that, but you still need to create a universal group in order to add users outside your domain.
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    Jan 2003
    Location
    Orange County, CA.
    Posts
    337

    Certifications
    A+, Network+, MCP - Windows XP, MCSA - Windows Server 2003, MCTS - Exchange Server 2007
    #3
    If you go to add a user to a group from the Members tab and click Location, you can usually expand the domain and search through the OUs to find a user.

    However, when I click on the trusted domain, I get no OUs to choose from.


    Also, I am attempting to add a user from another domain to the Remote Desktop Users group on my domain which is a domain local group. Domain local groups should take users from other domains anyway right?
    Reply With Quote Quote  

  5. mikej412's caddy sprkymrk's Avatar
    Join Date
    Feb 2006
    Location
    Charleston, SC
    Posts
    4,976

    Certifications
    MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+
    #4
    Domain local groups should take users from other domains anyway right?
    Yes, you should be able to do that.
    Have you checked out this?
    http://www.techexams.net/technotes/7...n_groups.shtml
    Reply With Quote Quote  

  6. mikej412's caddy sprkymrk's Avatar
    Join Date
    Feb 2006
    Location
    Charleston, SC
    Posts
    4,976

    Certifications
    MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+
    #5
    Also, what is the functional level of your domains?
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    Jan 2003
    Location
    Orange County, CA.
    Posts
    337

    Certifications
    A+, Network+, MCP - Windows XP, MCSA - Windows Server 2003, MCTS - Exchange Server 2007
    #6
    2000 native. I have two 2003 domains though. I could raise the level. I didn't think the default setting would be a problem.
    Reply With Quote Quote  

  8. Member
    Join Date
    Oct 2005
    Posts
    44

    Certifications
    Comptia A+ and Net+
    #7

    Default Re: Cannot grant access to users from trusted domain

    Quote Originally Posted by w^rl0rd
    I just set up a 2-way trust between two forests. When I log onto a DC in Domain A and attempt to add users from Domain B, I get nothing.

    For example, I attempted to add an account from Domain B to the Remote Desktop Users group on Domain A which is in a trusted forest, I click Locations and the other domain is in the list but when you click the plus sign to expand, nothing appears.

    Anyone have experience with setting this up?


    I had a similar problem once, verify that all your forward look up zones are setup correctly and that all records are correct, this fixed my problem.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks