none
Can't add cross domain groups RRS feed

  • Question

  • I have a domain named techen.local set up on 2 servers. I also have a domain controller that is set up to run mash.local.

    I created conditional forwarders and created a transitive trust between these 2 domains. 

    Now I need to give shared folder (located in techen.local domain) access to a group in mash.local. 

    But when I add the group, it gives and error saying "the Active Directory Domain Controllers required to find the selected objects in the following domains are not available: mash.local

    Ensure the Active Directory Domain Controllers are available, and try to select the object again"

    NSLOOKUP failes between these domain. 

    Appreciate any help to make this work.

    Thank you. 

    Friday, September 16, 2016 10:38 AM

Answers

  • Hi,

    Please enable Guest account, assign Everyone group the permission to access the sharing folder and then add the Anonymous SID to the Everyone access token.

    To enable anonymous access on a local workstation or server computer

    1.Open Local Security Settings. Click Start, click Control Panel, double-click Administrative Tools, and then double-click Local Security Policy.

    2.In the console tree, double-click Local Policies, and then click Security Options.

    3.In the details pane, right-click Network access: Let Everyone permissions apply to anonymous users, and then click Properties.

    4.On the Local Security Settings tab, click Enabled, and then click OK.

    For more information, please refer to the following Microsoft TechNet article:

    Anonymous Users and Traverse Checking

    https://technet.microsoft.com/en-us/library/cc772211.aspx?f=255&MSPPError=-2147217396


    Best Regards,
    Cartman
    Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, September 19, 2016 5:48 AM

All replies

  • Anyone?
    Sunday, September 18, 2016 3:26 AM
  • Hi,

    Please enable Guest account, assign Everyone group the permission to access the sharing folder and then add the Anonymous SID to the Everyone access token.

    To enable anonymous access on a local workstation or server computer

    1.Open Local Security Settings. Click Start, click Control Panel, double-click Administrative Tools, and then double-click Local Security Policy.

    2.In the console tree, double-click Local Policies, and then click Security Options.

    3.In the details pane, right-click Network access: Let Everyone permissions apply to anonymous users, and then click Properties.

    4.On the Local Security Settings tab, click Enabled, and then click OK.

    For more information, please refer to the following Microsoft TechNet article:

    Anonymous Users and Traverse Checking

    https://technet.microsoft.com/en-us/library/cc772211.aspx?f=255&MSPPError=-2147217396


    Best Regards,
    Cartman
    Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, September 19, 2016 5:48 AM
  • Hi,

    I am checking to see if the problem has been resolved. If there's anything you'd like to know, don't hesitate to ask.


    Best Regards,
    Cartman
    Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, September 27, 2016 9:09 AM
  • Hi, 

    Thank you very much for your support Cartman. 

    I still could not test this out. 

    I will update you as soon as I make the changes. 

    Thanks again.

    Thursday, September 29, 2016 10:58 AM
  • Hi,

    Is there any update?


    Best Regards,
    Cartman
    Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, October 6, 2016 1:49 AM