Cross-domain authentication

[Ken Krause]

I have a 2-domain network with AD in each domain. All
servers are Win2000 SP3. Each doamin has 2 domain
controllers and there is a trust between them that I have
validated. The problem is that from a Run prompt, I can
type in \\dc1\c$ from a computer(where dc1 is the domain
controller in the 1st domain and the computer exists in
the second domain)and I can be authenticated automatically
by the trust using the administrator login name and
password from domain 2.

However, if I try from the same computer's Run prompt to
connect to another server in dc1's domain, I am prompted
for a login name and password. I am able to authenticate
once I supply the login information, but I need this
process to be automatic. In this instance, it doesn't
appear that the trust is validating the login.

Any ideas?
TIA,
Ken

 

[Greg]

I THINK it's because you created the trust it is NOT
transitive, causing you to authenticate to the domain to
identify yourself where connecting to the dc you are
authenticated due to the trust.

that's what we are experiencing here

Good Luck,

Greg

 

[Peter Zajac]

Ken,

You are running into this issue because you are trying to access \\dc1\c$,
not to a share. In order to access a "c$" drive on any machine on the
network you must be an Administrator on the target machine (i.e.: member of
Domain Admin group, which is not shared between domains). To correct this
you must either:

- add your account to the Local Administrators group on the target machine
- or create a new share and define proper security rights to access it.

Peter