You need to ensure that users in litwareinc.com can access resources on Server1

Your network contains two Active Directory forests named contoso.com and litwareinc.com.
A two-way forest trusts exists between the forest. Selective authentication is enabled on the
trust.
The contoso.com forest contains a server named Server1.
You need to ensure that users in litwareinc.com can access resources on Server1.
What should you do?

Your network contains two Active Directory forests named contoso.com and litwareinc.com.
A two-way forest trusts exists between the forest. Selective authentication is enabled on the
trust.
The contoso.com forest contains a server named Server1.
You need to ensure that users in litwareinc.com can access resources on Server1.
What should you do?

A.
Install Active Directory Rights Management Services on a domain controller in
contoso.com.

B.
Modify the permission on the Server1 computer account.

C.
Install Active Directory Rights Management Services on a domain controller in
litwareinc.com.

D.
Configure SID filtering on the trust.

Explanation:
Selective authentication between forests
If you decide to set selective authentication on an incoming forest trust, you need to
manually assign permissions on each computer in the domain as well as the resources to
which you want users in the second forest to have access. To do this, set a control access
right Allowed to authenticate on the computer object that hosts the resource in Active
Directory Users and Computers in the second forest. Then, allow user or group access to
the particular resources you want to share.
Reference: Accessing resources across forests

Show Hint

Leave a Reply 2

Your email address will not be published. Required fields are marked *

Joe

Joe

Go into the computer object in AD, security tab, ticked allow on the allowed to authenticate permissions.

Reply