We are running into an issue allowing members of a trusted domain to log onto our terminal servers using the domain credentials from their domain. We created a one way outgoing trust to the other forest and I am able to enumerate their users from our side. We have created a number of domain local groups on our side and then nested groups from the other domain into our local groups. What would be he next step to allow these users to log into the terminal servers that we have on our side? Do we just make the domain local groups on our side members of the remote desktop users group and power users? Does the admin's from the other domain have to make their groups members of anything or can it all be done on our side?