Cross domain shares
I am getting stumped.
I have a test environment set up. I am trying to get a client in one domain to access shares in a seperate domain. Also have a user in one domain access an exchange server in that seperate domain. I have a single forest with 2 seperate domains.
ABC.local and XYZ.local. I have 2 sites setup SiteA and SiteX with a DC in each. The trusts seem to be setup and each site has a GC. The DC is also a file server and the XYZ.local hosts the exchange server. Which is also the Schema master. What I want is the least amount of CALs needed to purchased.
User logs into ABC.local takes up a CAL. This client is able to access a share on Server.ABC.local using the group I created in the ABC.local domain. Then I browse to a share on the Server.XYZ.local in which I created a group and added the user to that group. But this user cannot even open the share. I give everyone full and full, Share and NTFS. I don't see any errors in the event viewer on either server. I do see a CAL taken up on the Server.XYZ.local stating it is from the ABC domain.
What am I missing? The purpose of this exercise is so a user in ABC.local can access their mailbox in XYZ.local without creating the same user in both domains and having to purchase a user CAL in both. If I can't even get this share working I am not sure I will be able to get the mailbox working.
Thanks
I have a test environment set up. I am trying to get a client in one domain to access shares in a seperate domain. Also have a user in one domain access an exchange server in that seperate domain. I have a single forest with 2 seperate domains.
ABC.local and XYZ.local. I have 2 sites setup SiteA and SiteX with a DC in each. The trusts seem to be setup and each site has a GC. The DC is also a file server and the XYZ.local hosts the exchange server. Which is also the Schema master. What I want is the least amount of CALs needed to purchased.
User logs into ABC.local takes up a CAL. This client is able to access a share on Server.ABC.local using the group I created in the ABC.local domain. Then I browse to a share on the Server.XYZ.local in which I created a group and added the user to that group. But this user cannot even open the share. I give everyone full and full, Share and NTFS. I don't see any errors in the event viewer on either server. I do see a CAL taken up on the Server.XYZ.local stating it is from the ABC domain.
What am I missing? The purpose of this exercise is so a user in ABC.local can access their mailbox in XYZ.local without creating the same user in both domains and having to purchase a user CAL in both. If I can't even get this share working I am not sure I will be able to get the mailbox working.
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Just a note. I can access the SYSVOL on that domain controller.
ASKER
It worked. I assumed I was able to access the server using the \\XYZ.local\share. I was able to see the share but not access it. I put the \\Server.XYZ.local\share and that worked. My assumption was based on the fact I was able to access the SYSVOL.
Interesting lesson.
Thanks
Interesting lesson.
Thanks
Yes. You must access the share by \\servername\share.
If you want to access shares by \\domain\share you need to use DFS - but cross domain access adds another level of permissions to figure out.
Glad you're up and running.
NM
If you want to access shares by \\domain\share you need to use DFS - but cross domain access adds another level of permissions to figure out.
Glad you're up and running.
NM
ASKER
"Configuration information could not be read from DC. Either because the machine is unavailable or access has been denied."