question

JoeCosta-2881 avatar image
0 Votes"
JoeCosta-2881 asked JoeCosta-2881 commented

Can I prevent External Domain Trusts from seeing each other in the Security -> Locations Dialog?

I have a domain which has External, Non-Transitive Trusts with two other domains and Selective Authentication has been enabled.

These two other domains do not have any Trusts or locally configured DNS Stub Zones between each other.

In my domain I have a File Server which has shares configured for each external domain and access control works as expected.

Is it possible to configure the main domain to prevent the external domain from seeing each other in the Security -> Locations dialog?

110706-security.jpg

If it helps to put me on the right path, if I do not grant the "Allow to authenticate" right to users from the external domains on the Domain Controllers on the Main domain then users from those domain are not allowed to browse any Locations, including their own domains to apply ACEs in the File Server.

windows-active-directory
security.jpg (62.1 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

VickyWang-MFST avatar image
0 Votes"
VickyWang-MFST answered

Hi,

Thank you for posting in our forum

According to my knowledge, it is difficult to realize External Domain Trusts from seeing each other in the Security -> Locations Dialog

I still need a little more time to research

I will give you an update tomorrow

Thank you for your understanding and support

Best wishes

Vicky

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

VickyWang-MFST avatar image
0 Votes"
VickyWang-MFST answered JoeCosta-2881 commented

What I understand is: suppose you have a DC1, and you have established external trusts with DC2 and DC 3 respectively. What you want to achieve is: DC2 and DC3 cannot see each other’s security->locations. If I understand it wrong, you can tell me

But in fact, if such a situation is impossible to achieve, it can only be said to increase the authority settings and prevent other DCs from having operational authority. However, once the trust is established, it is impossible to achieve the restriction that the page is not shown.

Hope this information can help you
Best wishes
Vicky

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hello Vicky, thank you for your reply.

Do you have links for documentation used for you reply?

Thank you

0 Votes 0 ·
VickyWang-MFST avatar image
0 Votes"
VickyWang-MFST answered

Hi,
Just checking in to see if the information provided was helpful.
Please let us know if you would like further assistance.
Best Regards,
Vicky

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.