Authentication flow in domains with Trust established

 We have several trust established between our domain and others. The question has been asked as to what server is a user authenticating against when logging into a trusted domain? In other words; say you have Domain A and Domain B. Domain A is in Dallas and Domain B is in Ft. Worth. There is a two way trust established. A user in Dallas is logging into Domain B from thier workstation- Does the users credentials go to the DC in Dallas then get passed to the DC in Ft. Worth or does it bypass the DC in Dallas and goes straight to the DC in Ft. Worth?
Who is Participating?
Darius GhassemCommented:
Where ever the Domain Controllers for the domain the user is logging too this is where the user will logon.

For example, Domain A user is located on Domain B's physical network the Domain A user will have to authenticate to a Domain A Domain Controller. Domain A users CAN NOT authenticate to Domain A through a Domain B Domain Controller.

Domain Trusts are setup for accesses to resources across multiple logical domains. You must think of a Domain logically not physically.
Brian PiercePhotographerCommented:
It depends - If the user is on one domain and they are logging onto a machine in another then normally authentication is passed all the way up to the forest root and then all the way back down the other side.

You can implement a shortcut trust directly between two domains to by-pass this though
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.