none
Cross Forest RDP - Have to manually specify domain

    Question

  • We are having an issue when a user in forestB is RDP'ing to an XP system in forestA. We are in a transitional state where some users have migrated to our new forest (forestB) but still need access to systems in forestA. The issue is that when they input their new login credentials for forestB in the form of forestB\username into mstsc and hit connect, the XP system they're connecting to doesn't recognize the domain (forestB) and gives them an error stating to make sure the username and domain are correct. At this point they're connected, but sitting at the login screen. The login box shows their username as just username without the domain, so it looks like the domain name isn't being passed through to the system they're connecting to. When at the login screen if they change the username to include the domain, forestB\username, it does let them login. The domain for forestB does not show up in the dropdown list. Because they're able to authenticate by manually specifying the domain, I don't see it being an issue with trusts, or is it?

    A little info about the environment is below.

    old.domain.com - This is the domain where the systems they're connecting to reside (forestA)

    domain.new - This is where the user accounts have been migrated to (forestB)

    RDP client is 6.1.7600 on both systems

    Network Level Authentication is on

    There is a two-way transitive trust between domain.com and domain.new

    old.domain.com is Windows Server 2003 functional level

    domain.com is Windows Server 2003 functional level

    domain.new is Windows Server 2008 R2 functional level

    I hope this makes sense. If you need any additional information please let me know.

    Thanks,

    Tony






    Friday, May 24, 2013 4:12 PM

Answers

All replies

  • Hi ,

    Thank you for posting your issue in the forum.

    I am trying to involve someone familiar with this topic to further look at this issue. There might be some time delay. Appreciate your patience.

    Thank you for your understanding and support.

    Best Regards,

    Andy Qi


    Andy Qi
    TechNet Community Support

    Wednesday, May 29, 2013 8:10 AM
    Moderator
  • Please try adding UPN suffix on ForestA, according to the KB article: http://support.microsoft.com/kb/243629 

    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Friday, May 31, 2013 10:52 AM