kam_uk
asked on
Query regarding logging onto a different domain
Hi All
I had a query regarding logging onto a different domain that I hope someone could help me with...
My domain is kam.com. We have emea.kam.com, us.kam.com and canada.kam.com
Each domain has a bunch of DC's and one GC. There is full trust between the domains, and network-wise full access between each as well.
User1 has an account located in the EMEA domain, but travels to the US.
When she logs onto a PC in the US, which DC does she authenticate to?
a) The local DC as defined by the subnet she is on within AD Sites and Services (i.e. a US DC)
b) An EMEA DC, since that is where her account is located
c) A US GC, since the GC would presumabely hold details of her account?
And if she changes her password, where is this replicated to first?
Any help appreciated!
I had a query regarding logging onto a different domain that I hope someone could help me with...
My domain is kam.com. We have emea.kam.com, us.kam.com and canada.kam.com
Each domain has a bunch of DC's and one GC. There is full trust between the domains, and network-wise full access between each as well.
User1 has an account located in the EMEA domain, but travels to the US.
When she logs onto a PC in the US, which DC does she authenticate to?
a) The local DC as defined by the subnet she is on within AD Sites and Services (i.e. a US DC)
b) An EMEA DC, since that is where her account is located
c) A US GC, since the GC would presumabely hold details of her account?
And if she changes her password, where is this replicated to first?
Any help appreciated!
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
That is correct - user passwords are not stored in the GC. A user must always be authenticated by a DC from it's originating domain.
ASKER