Adding user from a trusted Domain

G

Guest

Hi.

I need to add a user from a Trusted Domain to a Global
Security Group (i validate/check the trust, is currently
working) but when i go to Active Directory Users and Group
in the Domain Controller, i can't see/browse the Trsuted
Domain, so, i can not add the user to the Global Group.

Any suggestions? Thanks in advanced,
 
S

Simon Geary

When you created the trust to the other domain did you also reconfigure DNS
so that the new domain was contactable? eg You can create a secondary DNS
zone for the trusted domain on your own domains DNS server.
 
J

Joe

Thanks for reply Simon.

Yes, all DNS zones are ok. The most weird think is that i
can see/add/browse the foreign account into a Built-In
Local Domain Group. Is this a design issue instead a
problem?

What i'm really needing is add the foreign user (say John
Dow from Domain A) into a Global Security Group
called "ComputerInstallers", in Domain B.

Each Domain is in its own Forest. In active Directory
Users and Computers when i press "Add User" i just see
listed Domain B (the local Domain)...not Domain A.
 
S

Simon Geary

Ah yes, I never read your question properly the first time. With a Global
Group you can only add users from the same domain as the Global Group is
created in. Try adding a group from the trusted domain directly to the
object in your own domain instead.
 
G

Guest

Hi Simon.

Thanks in advanced...and sorry (stupid question i made). I
was reading and i found that...its a Global Group, so i
can't add a member to this group from a foreign Domain.

Anyway, i need these people be able to add computers in
the "B" Domain. What can i do? simply "pull" the User(s)
from "A" Domain and create give 'em the add/delete
computer object rights over the "Computer" folder in the
DC?
 
S

Simon Geary

You can allow this with Group Policy I think, although I've never tried it.
Check in your Default Domain Controllers Policy, Windows Settings, Security
Settings, Local Policies, User Rights. Add the group to the policy called
'Add workstations to the domain'.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Access to Trusted Domain Resources and Scanning 5
Trusted Domain Global Groups 3
can't logon trusted domain 1
Problems browising for users/groups on Trusted Win2K3 domain from 2
Cannot add users from trusted domain 1
Trusted domains 1
Only SID is displayed under Members 3
Universal groups scope with trusted domains. 5

Top