Cannot see trusted domain in login screen

Hi Experts,

I have a two-way transitive forest trust between two Windows 2003 forests.

My forest has one domain (A), the other has two (B and C).

I can login to domain B from a machine that is a member of domain A, but domain C does not appear in the drop-down list of domains when logging in to windows.

I can connect to both domains B and C in AD Users and Computers and browse the OUs. I can also add users from B and C to ACLs for files and folders in domain A, and add users from B and C in to security groups in domain A.

So it seems the only functionality I'm missing is the ability to login to domain C from a machine in domain A.

Since this is a transitive trust I expect this to work, but what could be the problem and where do I begin troubleshooting.

Thanks
failedAsked:
Who is Participating?
 
Mike KlineConnect With a Mentor Commented:
What you are seeing is normal behavior.   If you had a direct trust you would see the domain in the drop down.  

You should still be able to use the UPN to login though.

Thanks

Mike
0
 
Darius GhassemCommented:
Is there a direct trust setup to Domain A from Domain C?
0
 
failedAuthor Commented:
No other trust has been configured other than the transitive forest between A and B.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
Darius GhassemConnect With a Mentor Commented:
Correct that is what I was getting at there is not a direct trust setup between A and C
0
 
Mike KlineCommented:
Just searched the activedir archives too.

Good discussion with Tony and Guido (two top guys)

http://www.activedir.org/ListArchives/tabid/55/view/topic/postid/11654/Default.aspx

Thanks


Mike
0
 
failedAuthor Commented:
Great answers, thanks very much for helping me understand the way this type of trust works.

I don't think I'll actually need users to login to domain C from an A machine, but I was just making sure my trust was working normally. They can use the UPN in the rare cases that its needed...I don't think I'll create another trust.

Cheers
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.