Points of My Scenario:
1. I am admin of AD forest A, but NOT AD Forest B.
2. Domain A (in forest A, containing resources) trusts Domain B (in forest B, containing accounts).
3. The trust works perfectly EXCEPT for Domain A hosts that are behind a firewall:
4. I am unable to add Domain B user/group accounts to any ACLs on Domain A hosts that are behind the firewall. Therefore:
5. No Domain B accounts can access resources on the firewalled Domain A hosts.
6. Domain B has many domain controllers so I do not know which one Domain A hosts will query for authentication.
QUESTION: How do I force firewalled Domain A hosts to query only a specific Domain B domain controller(s) for authentication? This answer will enable me to create the firewall rules for the specific domain controller(s).
Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.
TRUSTED BY
ASKER