Points of My Scenario:
1. I am admin of AD forest A, but NOT AD Forest B.
2. Domain A (in forest A, containing resources) trusts Domain B (in forest B, containing accounts).
3. The trust works perfectly EXCEPT for Domain A hosts that are behind a firewall:
4. I am unable to add Domain B user/group accounts to any ACLs on Domain A hosts that are behind the firewall. Therefore:
5. No Domain B accounts can access resources on the firewalled Domain A hosts.
6. Domain B has many domain controllers so I do not know which one Domain A hosts will query for authentication.
QUESTION: How do I force firewalled Domain A hosts to query only a specific Domain B domain controller(s) for authentication? This answer will enable me to create the firewall rules for the specific domain controller(s).
Experts Exchange (EE) has become my company's go-to resource to get answers. I've used EE to make decisions, solve problems and even save customers. OutagesIO has been a challenging project and... Keep reading >>
Our community of experts have been thoroughly vetted for their expertise and industry experience.
The Distinguished Expert awards are presented to the top veteran and rookie experts to earn the most points in the top 50 topics.