Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Child/Parent trust problem

Status
Not open for further replies.
kopar

kopar

IS-IT--Management
Dec 30, 2003
23
US
We have a Parent domain : company.com
a child domain: child.company.com

They have the 2 way trust set up and has been validated. However, if I set up a user on company.com, and try and log into child.company.com with the user's credentials, It does not authenticate.

This also happens in the reverse scenario.

I'm also trying to set file sharing permissions for a folder in the company.com to be accessed by users in the child.company.com domain. I can set the permissions fine, but they don't seem to have any actual effect.

What's goin' on here?
 
Sort by date Sort by votes
First things First...Are these Domains NT or Active Directory? Judging from the format, I would say AD and with that in mind the child.company.com should indeed be a child of the company.com domain. If this is correct, a transitive trust (Transitive, If A trusts B and B trusts C then A trusts C)is already in place as soon as you add the child domain.
Verify that authentication is working correctly in each domain seperately before troubleshooting the trust between the domains. Make sure you are using an account with enough privileges to add users/groups to resources in either domain.
With regard to permissions, my recommendation(& Microsofts) has always been to leave Share permissions unchanged unless you have a specific security requirement and instead use NTFS permissions to lock down files for exclusive access.

NOTE: when a trust exists between domains, it does not imply that a user can log on to the trusted domain. What is now possible is the trusting domain will display the name of the trusted in its domain drop down box and will authenticate users on behalf of the other domain. User account membership remains in the origin domain.

Okay...So I ramble. I hope I have helped somewhat. If not, clarify a little more and perhaps we can solve the issue.
 
Upvote 0 Downvote
Make sure the user is a member of a global group (access other domains and their resources) not domain local group(cannot access other domains or their resources). And that they have an account with adequate permisions in the other domain......
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

techbrain1
  • Locked
  • Question
Trust relationship issue 1
Replies
3
Views
767
araheusaff
araheusaff
ravalos
  • Locked
  • Question
Problem with PDFs in IIS
Replies
1
Views
1K
gbaughma
gbaughma
rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
922
suncit
suncit
lacked
  • Locked
  • Question
problem with windows update on windows server 2016
Replies
1
Views
288
maybeimaleo
maybeimaleo
MoJHK
  • Locked
  • Question
ESXI server upload problem
Replies
3
Views
296
hairlessupportmonkey
hairlessupportmonkey

Part and Inventory Search

Sponsor

Back
Top