Solved

Interforest  Authentication

Posted on 2007-11-27
2
365 Views
Last Modified: 2012-05-05
Hi

Can someone explain this please.

Two win2003 forests linked via a forest trust.
I understand users in either forest can access resources in the other forest; however, I have a share with default permissions applied (except for share permission which is everyone Full Control) so how can a user from the other forest access this share without me explicitly giving permission to him or OtherDomain\Users group?

I thought the domain users groups were members of each other but I checked and this is not the case.

Thanks


 
0
Comment
Question by:Nael_Shahid
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 23

Expert Comment

by:ormerodrutter
ID: 20358407
You need to add the User Group (from the other forest) in your NTFS ACLs.
0
 

Accepted Solution

by:
Nael_Shahid earned 0 total points
ID: 20358431
Yes but that is exactly the issue.

I have not added them into the ACL but they still have access. I want to know why.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Let's recap what we learned from yesterday's Skyport Systems webinar.
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question