Chris and Brian,
I believe that I'm in business. Like I said yesterday I created those
group like Chris suggested but still saw traffic, so today I created some
firewall rules that blocked all communication between the
server1.CustProj.corp and the Company.corp domain controllers and I was
able
Thanks Chris,
I tried what you grepping the firewall logs I'm seeing TCP port 88
(kerberos) traffic from server1.CustProj.corp to DC.Company.corp. For my
test I did what you said. I then assigned that domain local group created
in CustProj.corp to the Remote Desktop Users group. When I RDP
*
>
>
>
>
>
>
>
>
>
>
>
> *Thanks,*
>
>
> *Brian Desmond*
>
>
>
>
>
> *w – 312.625.1438 | c – 312.731.3132*
>
>
>
>
>
> *From:* listsad...@lists.myitforum.com [mailto:
> listsad...@lists.myitforum.com]
>
>
You should be able to limit the traffic to only domain controllers talking back
and forth. My guess is that you have the Corpcompany.corp users being directly
added to the ACLs on the resources in server1.
Try this:
Create a Corpcompany.corp global group and add users to it
Create a
,
Brian Desmond
w – 312.625.1438 | c – 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Eric Wittersheim
Sent: Thursday, December 8, 2016 11:27 AM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] External trust issue
Melvin,
I'm
Just spitballing here, but would federation help that? Or put an RODC for
company.corp on location at custproj.corp
--
There are 10 kinds of people in the world...
those who understand binary and those who don't.
From: listsad...@lists.myitforum.com
6 matches
Mail list logo