Forest to Forest Trust and OU Management

Status
Not open for further replies.
Apr 5, 2005
Requirement: Set up a one-way external trust between two forests and allow a single OU to be managed from the external forest.
What I have done so far:
Created a trust between domain A and B. In domain A I have created a delegation that allows a global group from domain B the rights to manage users within an OU in domain A. No issues with setting this up.
My issue:
From Domain B using ADUC, I am assuming I can connect to domain A so that I can see the OU which I have rights to manage. I receive the following error when connecting from domain B to domain A in ADUC. "Windows cannot connect to the new domain because: Logon Failure: The machine you are logging onto is protected by an authentication firewall. This specified account is not allowed to authenticate to the machine."

I am researching the issue and hope to hear from some of you who have set up forest to forest trusts.

Thanks...
 
For those who are interested, I found the issue. I was using selective authentication, not domain-wide authentication. With selective authentication you have to manually add access to all objects you want the user, from the trusted domain, to have access to. To do this you have to set an ACL "Allowed To Authenticate" on the object. Cool stuff...

Now I can go home...
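
The fix described above, sketched in PowerShell as an added example that is not part of the original posts: it confirms the trust uses selective authentication, grants the "Allowed to Authenticate" extended right on one computer object in domain A, and lists who holds that right so the grant can be audited. Assumptions: it runs in domain A with the ActiveDirectory module, `DC01` and `DOMAINB\OU-Admins` are placeholder names, and the object to grant on is the domain controller that ADUC connects to.

```powershell
# Added example. DC01 and DOMAINB\OU-Admins are placeholders, not values from the thread.
Import-Module ActiveDirectory

# rightsGuid of the "Allowed to Authenticate" extended right
$AllowedToAuth = [Guid]'68b1d179-0d15-4d4f-ab71-46152e79a7bc'

# List every ACE on a computer object that carries Allowed to Authenticate.
function Get-AllowedToAuthenticate {
    param([Parameter(Mandatory)][string]$ComputerName)
    $dn = (Get-ADComputer -Identity $ComputerName).DistinguishedName
    (Get-Acl -Path "AD:\$dn").Access |
        Where-Object {
            $_.ObjectType -eq $AllowedToAuth -and
            ($_.ActiveDirectoryRights -band
                [System.DirectoryServices.ActiveDirectoryRights]::ExtendedRight)
        } |
        Select-Object IdentityReference, AccessControlType, IsInherited
}

# Grant the right to one group from the trusted domain on one computer object.
function Grant-AllowedToAuthenticate {
    param(
        [Parameter(Mandatory)][string]$ComputerName,
        [Parameter(Mandatory)][string]$TrustedGroup   # e.g. 'DOMAINB\OU-Admins'
    )
    $dn  = (Get-ADComputer -Identity $ComputerName).DistinguishedName
    # Resolve the name across the trust to a SID so the ACE survives renames.
    $sid = ([System.Security.Principal.NTAccount]$TrustedGroup).Translate(
               [System.Security.Principal.SecurityIdentifier])
    $acl = Get-Acl -Path "AD:\$dn"
    $ace = New-Object System.DirectoryServices.ActiveDirectoryAccessRule(
        $sid,
        [System.DirectoryServices.ActiveDirectoryRights]::ExtendedRight,
        [System.Security.AccessControl.AccessControlType]::Allow,
        $AllowedToAuth)
    $acl.AddAccessRule($ace)
    Set-Acl -Path "AD:\$dn" -AclObject $acl
}

# 1. Confirm the trust is using selective authentication.
Get-ADTrust -Filter * | Select-Object Name, Direction, SelectiveAuthentication

# 2. Grant the right to the delegated group only, then review the result.
Grant-AllowedToAuthenticate -ComputerName 'DC01' -TrustedGroup 'DOMAINB\OU-Admins'
Get-AllowedToAuthenticate -ComputerName 'DC01'
```

Granting to the single delegated group on only the machines it must reach keeps the authentication firewall in place for every other account in the trusted domain.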
 