Multiple Active Directory Domains
Posted on 2005-04-19
I have an application which is using Active Directory to authenticate users.
The company I work for has Multiple domains (2 right now) in a single forest
Users are nested by universal groups.
The application can't query users from across either domain
What do you have to do to AD so you can read across the domain?
We have a forest called "MAIN"
We have a Domain called "DOMAINA" and a Domain called "DOMAINB"
Each Domain is within "MAIN".
We have an Universal Group in DomianA which holds user objects from both Domains. But users in DomainB cannot query DomainA for a result set of group membership
our application querys an LDAP string and compairs that findings with users memberOF attribute, but fails accross domains....
what do we have to do to allow users from both domainA and domainB share the same LDAP path
For some reasons, if a user is apart of DOMAINA, and DOMAINA has rights to DOMAINB