Let me explain this better.
We have a DC and a member server.
The member server has SQL Server and the other
application. (SQL Server uses Windows Authentication.)
Next there is a DC on the client network.
The trust relationship has been established on both the
DCs.
Now when the users from the client network try to access
the application which is running on the member server,
they must be authenticated by the DC on our network. all
the users that need to access this application have been
put in a group on the DC at our end. But still SQL Server
gives the error that "Login failed for user[%s]"
But if I create a login for each of the users connecting
from the client network in SQL Server, they are able to
use the application. But this is not how it shd work. I
shd be able to add all the users from the client network
into the group created in the PDC at our end and they shd
be authenticated by SQL Server also.
To answer ur questions:
From your post I'm making the following assumptions;
Both domains are win2k, and the dc's in both are also win2k running at least
sp3.
YES
That the trust has been validated each way (ie, you can logon to A from a
machine in B and vice versa and that when you look to change acls on a
file/folder that you see both domains listed in the "look
in" window)
YES
That the sql server is successfully logging on people from the domain in
which it resides.
YES
Will that sql box authenicate anybody from that other
domain?
NO
I assume that
domain admins from one domain were added to the local admins of the other,
so will it work using one of those accounts.
NO, THE ACCOUNTS ARE NOT ADDED EXPLICITILY.
Can all dc's in the sql domain resolve, by name, the pdce of the non-sql
domain which they will have to be able to do.
YES
How is dns setup between these two domains.
WE ARE USING DC ITSELF AS DNS. FOR SERVER A, THE DNS IS
SERVER A ITSELF AND FOR SERVER B THE DNS IS SERVER B.
