RDS Server cannot access DCs of a trusted Domain
Posted on 2014-09-17
We are currently undergoing a domain migration from a server 2008 forest to a new 2012 forest. There is only one domain in each forest.
Between these two domains there exists a bidirectional trust, which i already verified and seems to be working fine. There are also trust to other Forests in both domains.
FFR i will call the old domain "D1" and the new domain "D2".
In D2 we have a RDS Server running 2008R2, which was migrated from D1. I added the builtin group "Domain Users" of D1 to the local "Remotedesktop Users" group and also the same group of another trusted domain. All of this worked perfectly fine untill monday. Ever since then users of D1 can no longer authenticate to the RDS Server.
When i checked the local RDS Users group i noticed that the domain users group of D1 was missing and replaced by a unresolved SID. Attempting to add the group again results in really weird behavior. In the add users / groups dialog bnox i can select D1, enter "domain", select the domain useres group and when i klick ok i get the usual underlined display of the group name. So far so good. As soon as i hit the ok button again to save the changes to the group i get an error, that no DCs for D1 could be reached / found. But i just searched D1 for the domain users group and it worked!?
I'm really confused right now and can't seem to find the error.