question

CoreyLuihnAMSDATASERFSINC-5525 avatar image
0 Votes"
CoreyLuihnAMSDATASERFSINC-5525 asked ·

Switching from a Domain level authentication to Selective authentication in a One Way Outgoing trust

I have a One Way outgoing trust setup with Domain Level Authentication setup. I want to change it to selective authentication. With me being the trusting domain and the other domain be the the trusted domain, if I change to Selective Authentication will there need to be any action on the part of the trusted domain?

windows-active-directory
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

FanFan-MSFT avatar image
0 Votes"
FanFan-MSFT answered ·

Hi,

No more actions need to be operated on the part of the trusted domain.

After you switching from a Domain level authentication to Selective authentication, you also need to be granted "Allowed to Authenticate" right on the file server if the users from the trusted forest want to access resources from the trusting forest.

To assign the permission:
1. Login to local domain controller where the resource (workstation) resides. Open AD Users and computers – switch to Advanced Features view.
Find the workstation you are trying to login to – right click – properties – security tab.
2. Under group or Usernames – click Add.
3. Select Locations – select domain that contains the user account trying to login.
4. Enter username – click OK – authenticate with account that has access.
5. Select user – then in permissions for user select “allow” for allowed to authenticate.

Best Regards,



· 1 ·
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.


Hi,
Welcome to share your current situation if there are any updates.
Please feel free to let us know if you need further assistance.
 
Best Regards,

0 Votes 0 ·