|
Within a domain, when a user’s credentials are
presented to a member server, that member server communicates with the domain
controller to validate the creds. We have a cross-forest (cross–company; a divestiture)
trust set up that we are testing. A member server in the other
forest/domain and across the firewall is having trouble authenticating
credentials from our domain. Their DC works fine. Ports on the firewall
are only opened for the two domain controllers (one on each side). Here’s the question: in order to validate the “foreign”
credentials, should the member server be looking first to its own DC, or is it
trying to cross the firewall to find our DC? Based in the preliminary
traffic sampling so far, I think that’s what is happening. Is that
normal/expected behavior? TIA, AL Al Maurer
|
- [ActiveDir] Communication across a trus... al_maurer
- Re: [ActiveDir] Communication acro... Tomasz Onyszko
- RE: [ActiveDir] Communication acro... Almeida Pinto, Jorge de
- RE: [ActiveDir] Communication acro... Ken Cornetet
- RE: [ActiveDir] Communication acro... Myrick, Todd \(NIH/CC/DNA\) [E]
- RE: [ActiveDir] Communication ... Rocky Habeeb
- RE: [ActiveDir] Communicat... Simon Bembridge
- Re: [ActiveDir] Communicat... Al Mulnick
- RE: [ActiveDir] Communication acro... Jeff Salisbury
- RE: [ActiveDir] Communication acro... Olivarez, Sergio J Mr CTNOSC/GD-NS
- RE: [ActiveDir] Communication acro... al_maurer
