Bookmarks

Yahoo Gmail Google Facebook Delicious Twitter Reddit Stumpleupon Myspace Digg

Search queries

bind-address mysql multiple, sanibleone xxxx, ftp://192.168.100.100/, www.xxxcon, which comes first ob_start or session, wwwxxx/58/2010, xxxxdup, xxxxdup, mailx informatii, should producers of software-based services, such as atms, be held liable for economic injuries suffered when their systems fail?

Links

XODOX
Impressum

#1: intranet cross forest trusts

Posted on 2008-04-14 18:58:31 by Paul

Hi,

We have two 2003 AD forests with trusts in place and we are in the process
of building a intranet. We have set the security to Windows intergrated
authentication. When a user in forest1 (the one that also has the web server)
tries to access the site it works fine. When a user in forest2 tries to acces
the web site they are challenged.

Does Windows authentication inot take into account trustes?

Report this message

#2: Re: intranet cross forest trusts

Posted on 2008-04-18 20:42:51 by Tiago Halm

Yes it does, you may, however, need to raise the forest and domain
functional levels.
Before doing so, read the steps and, more importantly, the implications:
http://support.microsoft.com/kb/322692

A user account of forest2 will receive a referral TGT from AS
(Authentication Service) in forest2 which the TGS (Ticket Granting Service)
in forest1 will validate with the inter-forest trust key before delivering
the service ticket.

Also make sure the machine in forest2 can reach the DCs (reach the TGS) of
forest1.

Exceptional reading on Kerberos canbe found here:
http://technet2.microsoft.com/windowsserver/en/library/4a1da a3e-b45c-44ea-a0b6-fe8910f92f281033.mspx?mfr=true

Tiago Halm

"Paul" <Paul@discussions.microsoft.com> wrote in message
news:11EAAEE4-75C6-4573-BC77-1240F288AF28@microsoft.com...
> Hi,
>
> We have two 2003 AD forests with trusts in place and we are in the process
> of building a intranet. We have set the security to Windows intergrated
> authentication. When a user in forest1 (the one that also has the web
> server)
> tries to access the site it works fine. When a user in forest2 tries to
> acces
> the web site they are challenged.
>
> Does Windows authentication inot take into account trustes?

Report this message