Cant use remote desktop across trust

D303M
D303M used Ask the Experts™
on
I have setup a two way forest trust between two seperate forest. In forest A I have a root domain called domain1 and a child domain called domain2.

In forest B there is one domain. I have created the forest level trust between the root domain in forest a and the one domain in forest b.

Everything works great but when I try to allow users from domain2 in forest A to use RDP to a server in forest b it will not work.

The only way it would work is if I add the user to the remote desktop users group on the the machine I'm trying to RDP to.

If I add the user to a group  and add that group to the local remote desktop users group on the server I'm trying to access it fails.

It gives the error that you must be a memer of remote desktop users to access the machine when it fails.

Any ideas?

Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
"The only way it would work is if I add the user to the remote desktop users group on the the machine I'm trying to RDP to."
This is by design,

Are you taking into consideration AD replication intervals after making group membership changes?
Top Expert 2013
Commented:
Are you adding the user to a group in their own domain or another.  Try creating a global group in their domain and a domain local in the other domain and next the global into the domain local.   Add the member to the global and log off and log back on.  See if that works.

Thanks

Mike
Adam BrownSenior Systems Admin
Top Expert 2010
Commented:

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial