Your network contains two Active Directory forests named contoso.com and adatum.com. All
of the domain controllers in both of the forests run Windows Server 2012 R2. The
adatum.com domain contains a file server named Servers.
Adatum.com has a one-way forest trust to contoso.com.
A contoso.com user name User10 attempts to access a shared folder on Servers and
receives the error message shown in the exhibit. (Click the Exhibit button.)
You verify that the Authenticated Users group has Read permissions to the Data folder.
You need to ensure that User10 can read the contents of the Data folder on Server5 in the
adatum.com domain.
What should you do?
A.
Grant the Other Organization group Read permissions to the Data folder.
B.
Modify the list of logon workstations of the contoso\User10 user account.
C.
Enable the Netlogon Service (NP-In) firewall rule on Server5.
D.
Modify the permissions on the Server5 computer object in Active Directory.
Explanation:
To resolve the issue, I had to open up AD Users and Computers –> enable Advanced
Features –> Select the Computer Object –> Properties –> Security –> Add the Group I
want to allow access to the computer (in this case, DomainA\Domain users) and allow
“Allowed to Authenticate”. Once I did that, everything worked:
http://technet.microsoft.com/en-us/library/cc816733(v=ws.10).aspx