Hello All:
I am trying to get some clarification on what domain controller I authenticate to via a 2 way transitive site. Our setup is pretty basic.
2 domains in one forest, 2 way transitive trust, 2003 domain and forest level.
In the one domain I am attempting to retire a domain controller that was a PDC and the original domain controller in that domain (a 2003 domain controller). I have moved all the FSMO roles and any dependencies. I then firewalled off the domain controller completely to see if I break anything. All looks well; however, in the other domain, when you attempt to authenticate via the trust it complains, "The system detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you". I clearly understand it is probably attempting to authenticate to the original DC I mentioned that is firewalled off. What methodology does the trust use to choose what DC it authenticates to? I looked at the trust properties and nothing is static.
I basically want to try to keep the firewall on and fix this issue, before I flat out demote it. Any help would be greatly appreciated.