Hello
if you need authentication you muse access everywhere resides the info.
Cache (local and network) can confuse .
You must think that is always the first time.
You must access to the (main) Domain Controller of the domain where is
inscripted the first time the user in question, from a machine that is
inscripted in the same domain.
If a thing in this scenario is different you must always have a re-accredit
alternative way.
A Parent Domain DOESN'T have the information because the automatic trust as
well as all the trust MUST ask the real info to the real owner (a DC of the
real DOMAIN) (in political terms it is not a direct democracy but delegate).
So if you have ONLY a DC in your domain, this domain is a child of another
Domain if you want tolerance you :
must have another DC (living) in the same child-domain, or
you must a copy user in the parent domain (but you can use only logon need,
you lost concurrently and parrallel policies),
or
(ex MASTER DOMAIN ORGANIZATION) your user is in the Parent Domain with all
you need (GPO etc.)
_________________________________________________________________
MSN 8 with e-mail virus protection service: 2 months FREE*
http://join.msn.com/?page=features/virus
List info : http://www.activedir.org/mail_list.htm
List FAQ : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
- [ActiveDir] Issue with loging Brahim Bouchaiba
- RE: [ActiveDir] Issue with loging GRILLENMEIER,GUIDO (HP-Germany,ex1)
- Re: RE: [ActiveDir] Issue wit... Brahim Bouchaiba
- RE: RE: [ActiveDir] Issue with lo... Gil Kirkpatrick
- Re: RE: RE: [ActiveDir] Issue... Brahim Bouchaiba
- Re: RE: RE: [ActiveDir] Issue... Brahim Bouchaiba
- RE: RE: [ActiveDir] Issue with lo... Roger Seielstad
- RE: RE: [ActiveDir] Issue with lo... Shawn.Hayes
- stefano tufillaro
