How to Add users from external domain to local AD Group

Hello Team,

I have an external trust between my domain and another companies domain.
I want to create a security group in AD and members from that external domain to it.
but when I try, all I am seeing is my domain when I go to locations

How can I add users from other domains to my local security group?
Top DocSystems AdministratorAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

RobertSystem AdminCommented:
You will want to look into the group Types. That is likely the issue.

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2003/cc755692(v=ws.10)
Top DocSystems AdministratorAuthor Commented:
Hi Robert,

I was looking at a similar article and did create the group as a universal group, but even then, when I went to specify the location that I wanted to select the group members from, I was only seeing my domain.
RobertSystem AdminCommented:
Might be DNS related if your already using the correct group type.

I did a quick search on MS and the following provides information about the issue your having if it is DNS related this may help.
https://social.technet.microsoft.com/Forums/windows/en-US/1f2d8abb-8e2a-4b86-9378-4aec9057a095/domain-trusts-unable-to-add-users-to-groups?forum=winserverDS
Your Guide to Achieving IT Business Success

The IT Service Excellence Tool Kit has best practices to keep your clients happy and business booming. Inside, you’ll find everything you need to increase client satisfaction and retention, become more competitive, and increase your overall success.

Adam BrownSenior Systems AdminCommented:
This is normal. The Group Membership Add function can only access users that are in Domains that are in the same forest as the DC you are browsing from. You would need to go to the other domain, open ADUC, run a search, choose your domain from the list, enter the name of your Universal group, select that group's properties, then add members. It should then show you the users of the other domain that can then be added to the Universal Group. It's a little annoying, but that's how it's done.
Jeff GloverSr. Systems AdministratorCommented:
Make the group a Domain local group. I know it says for a Universal group, users from any domain can be added but I have found this not to be the case. You can add universal groups from other domains to security permissions but to add a user, you need to add it to a domain local group.  You can add groups from the trusted domain (Global and Universal) to the Domain local group.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Top DocSystems AdministratorAuthor Commented:
Team,

Sorry for the delayed responses.

@Jeff, your solution worked like a charm.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.