VeeamON 2021: Free Online Conference - Register Now VeeamON 2021: Free Online Conference - Register Now

Two-domain Active Directory rights conundrum

Home Forums Server Operating Systems Windows Server 2000 / 2003 / 2003 R2 Two-domain Active Directory rights conundrum

Viewing 1 post (of 1 total)
  • Author
  • Avatar

    Hey all,

    Where to begin (*sigh*). We have two domains in our environment – ZIPSERVE and BIG.OPS. BIG.OPS has an outgoing trust to ZIPSERVE.

    In the ZIPSERVE directory, we have a group called Coordinators who login to their machines under the ZIPSERVE domain, but need to use the Active Directory Sites and Services tool to manage usernames and passwords in the BIG.OPS directory. They typically open an MMC, right-click ZIPSERVE, choose Connect to Domain, type in BIG.OPS and click OK.

    About a week ago, this portion *broke*. After they typed in BIG.OPS and clicked OK, a message now appears saying:

    Windows cannot connect to the new domain because:
    Logon failure: unknown username or password

    *They were NOT prompted for credentials*

    However, they can sort of get around this by right-clicking ZIPSERVE again, this time choosing Connect to Domain Controller, and connect using

    But unfortunately, once they are connected and want to manage the BIG.OPS domain, they are constantly prompted for their ZIPSERVE credentials and/or are denied access to changes they want to make, even though they have full rights on the OUs they are adjusting.

    I initially suspected a trusts issue between the two domains, but I validated it today and that went fine. I’m not sure where to start – can someone throw me a bone?


Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

Free Online Conference - May 25th and 26th

VeeamON 2021: Free Online Conference

Join us to gain your professional edge with technical and visionary learning from the brightest minds in IT at the definitive conference for Modern Data Protection.

Register Now

Sponsored By