Microsoft Radius - Users can't authenticate through wireless from another child domain.

We have a multiple sites A and B child domains, there is trust between A and B, both are child domains, it's Active Directory 2008 functional level.  If user from site A travels to site B, users in the A cannot not authenticate to user B site.

The authentication method is PEAP.  Could we just add the domain users from site A.  Is this possible, if not then how do we resolve this?

Thanks!
tools2teachAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

arnoldCommented:
If run the following query on site B
Nslookup -q=src _ldap._tcp.dc_msdcs.siteaaddomain
What is the response that you get? If you get nothing this means your DNS is not setup to provide site A DC information to which the request would be sent.

Your question confuses

Usera from site A travels to site b,

You may need to add site A DNS stub on site B.
Or establish conditional forwarders on each end for the other. Presumably you have the sites connected via a VPN.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
tools2teachAuthor Commented:
Just more information that I left out.  Child domain A user traveling to site B can authenticate to child domain A through a wired connection but not through wireless.
arnoldCommented:
What DNS if any does the wireless connection provides versus the wired.
What ip does the user get on each and what the VPN policy say about the wireless segment?
tools2teachAuthor Commented:
Ok, did a bit more troubleshooting this morning.  When the child domain A user is wired in, then takes the the laptop off the network onto the wireless, the user can authenticate using Radius to the wireless.

Do you think this is still a DNS issue?
arnoldCommented:
What do you mean?  When the user is already logged in, the authentication to wireless is an 802.1x type to authorize the computer/user to access/use the wireless connection?

If the user simply goes and boots the computer than the wifi connection, the user can not authenticate into the laptop?
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.