Points of My Scenario:
1. I am admin of AD forest A, but NOT AD Forest B.
2. Domain A (in forest A, containing resources) trusts Domain B (in forest B, containing accounts).
3. The trust works perfectly EXCEPT for Domain A hosts that are behind a firewall:
4. I am unable to add Domain B user/group accounts to any ACLs on Domain A hosts that are behind the firewall. Therefore:
5. No Domain B accounts can access resources on the firewalled Domain A hosts.
6. Domain B has many domain controllers so I do not know which one Domain A hosts will query for authentication.
QUESTION: How do I force firewalled Domain A hosts to query only a specific Domain B domain controller(s) for authentication? This answer will enable me to create the firewall rules for the specific domain controller(s).
Experts Exchange (EE) has become my company's go-to resource to get answers. I've used EE to make decisions, solve problems and even save customers. OutagesIO has been a challenging project and... Keep reading >>