Quantcast
Viewing all articles
Browse latest Browse all 12072

Cross Domain Authentication - via Trust, What DC do I authenticate to.

Hello All:

I am trying to get some clarification on what domain controller I authenticate to via a 2 way transitive site.  Our setup is pretty basic. 

2 domains in one forest, 2 way transitive trust, 2003 domain and forest level.

In the one domain I attempting at retiring a domain controller that was a PDC and the original domain controller in that domain (a 2003 domain controller).  I have moved all the FSMO roles and any dependencies.  I then firewalled of the domain controller completely to see if I break anything.  All looks well, however in the other domain when you attempt to authenticate via the trust it complains, "The system detected a possible attempt to compromise security.  Please ensure that you can contact the server that authenticated you".  I clearly understand it is probably attempting to authenicated to the original DC I mention that is firewalled off.  What methodology does the trust use to choose what DC it authenticates to. I looked at the trust properties and nothing is static.

I basically want to try to keep the firewall on and fix this issue, before I flat out demote it.  Any help would be greatly appreciated.


Viewing all articles
Browse latest Browse all 12072

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>