Just with scenario 2 below. How can a user in A log onto a computer in B
when the appropriate trust has not been configured? DomainB does not trust
DomainA (you say you have a one-way forest trust in the reverse direction
only), so DomainB would not accept the credentials of a user from DomainA
Now, you say "an error is raised" - what is the error?
Cheers
Ken
--
Blog:
www.adopenstatic.com/cs/blogs/ken/
Web:
www.adopenstatic.com
: Hello
:
: First of all thank you very much Duane for your reply. I am going to fully
: explain my network here. I have two domains, domain A and B. They are in
two
: different forests. There is an outgoing trust from A to B so A trusts B
and
: can authenticate it's users but not vice versa. All domains are in win2003
: functional level. Clients are WinXP. My IIS is in a computer in A , in
domain
: controller of A I have AzMan. My web application passes credentials of the
: connected user to AzMan to check his acceess. Now we have 2 different
: conditions:
:
: 1. If a user in A logs on to a computer in A his credentials will be
passed
: from IIS to azman and is authenticated successfully. Note that I ALWAYS
get
: user name password pop up window from IE. It does not matter I enter a
user
: from A or B to this window. As long as I have logged on to the computer
with
: a user from the same domain as computer is in, everything is fine.
:
: 2. If a user in A logs on to a computer in B or a user in B logs on to a
: computer in A when the pop up window of IE appears regardless of whether
you
: enter user from A or B it will raise an error.
: I hope I have clarified it fully.
:
: Thanks.
: Reza.
:
:
:
:
: "Duane Laflotte" wrote:
:
: > Reza,
: > So let me see if I understand you correctly:
: > 1. You have two domains (A & B). Are they NT Domains or 2K
: > 2. You must have a trust between these domains because a user from
: > domain b can login to a computer from domain A.
: > 3. When you, as a User in A, hit the web application, from a
computer
: > in A, all works ok
: > 4. When you, as a User in B, hit the web application, from a
computer
: > in A, you get the NT Login box? Is that what you mean by "It doesnt
know my
: > identity".
: >
: > I would say this can be caused by a few things. The first think I would
: > look at is the rights of the files/virtual directory to make sure that
users
: > from Domain B have rights to view them. I'm assuming this is an
intranet
: > application that uses NTLM Auth? Which flavor of IIS are you using?
: >
: > Hope I can help,
: >
: > --
: > Duane Laflotte
: > MCSE, MCSD, MCDBA, MCSA, MCT, MCP+I
: > (e-mail address removed)
: >
http://www.criticalsites.com/dlaflotte
: >
: >
: > : > > Hi
: > >
: > > I have two domains A and B. I logon to a computer which is in domain
A as
: > a
: > > user in domain B. When I connect to a web application in domain A it
does
: > not
: > > know my identity. If I logon to the same computer as a user in its
native
: > > domain (domain A) everything is ok. Does somebody know in detail why
this
: > > happens?
: > >
: > > Thanks.
: > > Reza.
: >
: >
: >
