Solved

Cross domain share access

Posted on 2011-09-23
6
263 Views
Last Modified: 2012-08-14
Hi Everybody,

We have the following problem on our domains:
There are 2 active domains. D.local and P.local. On the P.local domain the P.local domain is trusted, external trust type and non transitive.

On the P.local domain is a server with a share that is public for all users. Now when connecting to the share via \\x.x.24.35\Diasys from the D.local domain there is a challenge response. But the idea is that we don’t want a challenge response so we can start a batch file for al the users from the D.domain on the P.domain

Who has tips or ideas?

Thanx Paul
0
Comment
Question by:paulvanhelden
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 500 total points
ID: 36587198
You need to create a Universal Group or Global Group on D.local then add this Group into Domain Local Group in P.local then add this Domain Local Group to the Share folder with proper permissions
0
 
LVL 2

Author Comment

by:paulvanhelden
ID: 36587849
Darius,

I did do something like that, and will try it out this coming day's on tuesday I can give you a responce if it works or not.

Thank you,
Paul
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 500 total points
ID: 36587988
Sounds good let me know
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 2

Author Comment

by:paulvanhelden
ID: 36710326
We have tried this solution, but still got some issues. From within the domain as a not domain user this works, but from the D.domain to the P.domain users still get the challenge responce screen.
Tomorrow I've got an expert overhere and we are going to test some scenarios to eliminate things.

To be continued.
Paul
0
 
LVL 2

Author Comment

by:paulvanhelden
ID: 36716841
When we switched from ip to names in the unc path declaration everything works. It looks like the outsourcing party has blocked some kind off acces on the ip level. But when using names eg. Server.d.local we could connect to the share. So the local group connected to this share with the group controlling all users works fine, and with the users we mean the users from both the D.local as the P.local.
0
 
LVL 2

Author Closing Comment

by:paulvanhelden
ID: 36716858
Own comment gives extra info for the solution.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question