Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [trust-relationship]

81 questions
6
votes
4 answers

Purposefully break trust relationship with Windows Domain

For testing purposes I am trying to purposefully break trust relationships with the Windows Domain. What is the quickest way to kill it off? "Unfortunately", broken trust relationships don't regularly occur with my set up so I'd like a way to…
Pylsa
  • 205
  • 1
  • 3
  • 9
4
votes
1 answer

Netlogon - Domain Trust Secure Channel issues - Only on some DCs

We have a 2 domain environment. We were having issues with slow connections, authentication failures, and hung resources only during OFF-PEAK hours when there were very few users logged on. The issue occurred when a user from DOMAIN A is accessing…
j-Geek
  • 141
  • 1
  • 3
2
votes
1 answer

Universal Groups not working across domain trusts

I have a problem with Universal groups across a trust - membership of the universal group gives rights from one domain in a forest but not from another domain in the same forest - I've set up a test set of accounts and groups to demonstrate and try…
Ross
  • 133
  • 1
  • 11
2
votes
1 answer

Active Directory Authentication Through a Trust and Querying For Users From Trusted Domain

Domain A (Forest Tree Root) (Primary Domain) Domain B (Direct Outbound) (Direct Inbound) There is a two way trust between the two Forests Domain A/B. This scenario is used to connect two companies together. Now, lets say we have an application that…
Wasim Hayatt
  • 21
  • 1
  • 2
2
votes
1 answer

LDAP simple bind to cross-forest Active Directory with 2-way trust

I have two forests (example.local and accounting.local) that have 2-way trust established. On accounting, I can bind using accounting\bind. However, it fails from example.local ldap_bind: Invalid credentials (49) additional info: 80090308:…
Surendar Chandra
  • 21
  • 1
  • 2
2
votes
2 answers

DC with two-way forest trust does not see objects from another forest

I have 2 forests - domainA.com and domainB.net. There are two-way trust set up on each. When I try search objects located on domainB.net from domainA.com it gives me following error: The system cannot contact a domain controller to service the …
FanteG
  • 161
  • 1
  • 7
2
votes
0 answers

Setup keystore and truststore in elastic beanstalk

Im new to AWS, mutual authentication. However I have not setup elastic bean stalk. I am working with a payment API. The organization that has setup the API requires a keystore and trust store to be setup I have signed up my for AWS and simply setup…
Brian Hawi
  • 21
  • 3
2
votes
1 answer

Does AD one-way trust demand admin priviliges on both domains?

Does AD one-way trust demand admin priviliges on both domains? Say I'm domain admin for domain A, and I want to give user from domain B access to stuff on domain A, which they can reach by VPN. From what I understand that can be done by setting up a…
suleimanforever
  • 35
  • 1
  • 7
2
votes
1 answer

Creating a cross-forest Trust between two Active Directory Forests hosted on Azure VMs? (separate subscriptions)

I see that it's possible to create a cross-forest Kerberos Trust between an on-premises AD Forest and a Forest hosted on Azure VMs. But is it also possible to create a cross-forest Trust between two separate organizations which exist only on Azure…
user2238685
  • 23
  • 3
2
votes
0 answers

Slow response time when using ADUC utility to search a trusted domain

Current Setup: I have child 2 domains, one in America (amer.domain.com) and one in Asia (asia.domain.com) in the same forest. Both domains are connected via MPLS links. In each physical site, there is 1 domain controller that is joined to the…
Fahmy Aziz
  • 105
  • 4
2
votes
1 answer

Restrict forest-trust to a single DC pair

We have two AD forests with a trust in place. fwDomain has been firewalled from accessing resources in corpDomain. corpDomain has one DC within the firewall boundary and has the ability to communicate with other corpDomain DCs. The goal is to…
rmarles
  • 21
  • 3
2
votes
0 answers

Windows client cannot get cross-domain ticket, but a Linux one (from WSL) can

I am trying to and failing to authenticate my Kerberos credentials when doing ssh from a Windows 11 client joined to a Windows Server 2019 domain (let's call it AD.LOCAL) to a Linux host joined to a domain managed by FreeIPA (let's call it…
chutz
  • 7,569
  • 1
  • 28
  • 57
1
vote
1 answer

How to use member of trusted domain in GPO?

I have two test domains and one trusts another. On trusting domain GPO I need to add a group from trusted domain to remote desktop users group which will apply to all computer objects in trusting domain. However, when I try to add this group I get…
sys
  • 11
  • 2
1
vote
1 answer

DNS configuration for domain trust

I am the DNS administrator for domain1.com. We are setting up a trust with child.domain2.com. This will allow us to resolve all resources in child.domain2.com. There is also a resource in domain2.com that we need to resolve. Will a query from…
Kevin
  • 31
  • 2
1
vote
1 answer

Cross-Realm-Trust between Active Directory and MIT Kerberos

I am currently in the process of extending my development environment, which used to only run Linux servers so far, by adding machines running Windows Server 2016. The authentication process is handled by MIT Kerberos. For the new Windows machines,…
Alexander Richter
  • 11
  • 3
1
2 3 4 5 6