Re: Domain Issue

From: burano (ravburano_at_hotmail.com)
Date: 02/14/05 

Date: Mon, 14 Feb 2005 19:01:31 -0000

Hi,

Sorry I wasnt being clear. Say for example I log onto the PDC in an nt 4.0
domain (call it dom A)and I want to set a users permisison on a file server
in Dom B (resource domain) I can also browse all other accounts in domain C.
There are no trusts between A and C.

Now if I do the same thing from a 2000 machine in Dom C I cannot browse the
other domain A. What happens is that a challenge appears asking for a
username and password.

"Roger Abell" <mvpNOSpam@asu.edu> wrote in message
news:uZ7BzbqEFHA.1264@TK2MSFTNGP12.phx.gbl...
> What NetBIOS issue?
> As I read your post
>> when an admin in either Domain B or C uses an NT
>> client to configure its users on the file share in
>> domain A it can browse both domains B & C and
>> see all the users accounts in both those domains
> is expected behavior when
> 1. A is account domain, so accounts used in B and C
> are defined there
> and
> 2. They have logged into a machine in domain A
> --
> Roger Abell
> Microsoft MVP (Windows Security)
> MCSE (W2k3,W2k,Nt4) MCDBA
> "rui" <rui@discussions.microsoft.com> wrote in message
> news:16660E46-04BB-40E1-BD35-10E3C69B0862@microsoft.com...
>> I have currently got a test setup with 3 2003 domains (A, B & C - all in
>> seperate forests).
>>
>> Domain A is a resource domain, so it has a one way outgoing trust to both
> B
>> & C. There are
>>
>> no other trusts configured.
>>
>> Domain Admins in B & C setup their users with their appropriate
> permissions
>> on the file
>>
>> server in Domain A.Everything works fine.
>>
>> But this is the thing; when an admin in either Domain B or C uses an NT
>> client to configure
>>
>> its users on the file share in domain A it can browse both domains B & C
> and
>> see all the
>>
>> users accounts in both those domains. If they use a 2000/XP client they
> get
>> challenged.
>>
>> I dont want the admins to be able to browse through another domain but
> there
>> own because it
>>
>> is a security risk but I must allow NT clients on the domain.
>>
>> What can I do with this netbios issue?
>>
>> Thanks
>
>

Relevant Pages

  • Re: Domain Issue
    ... b trusting c or using forest implicit trusts unspecified ... and accounts of a are not visible ... > in Dom B (resource domain) I can also browse all other accounts in domain ... >>> client to configure its users on the file share in ...
    (microsoft.public.windows.server.security)
  • Re: backup server software
    ... This isn't what Dom was describing. ... since NFS is already built in. ... The client can start its restore while ... > Thanks Anton, that is exactly what I meant. ...
    (comp.unix.solaris)
  • Re: Drilling Down to the very Data in the FormView/DataGrid
    ... > I know we have to be able to do this, or Microsoft was stupid. ... Imagin each cell in the grid to be an element in an array of rows. ... DOM at the server (there is also a DOM at the ... client. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: How to force users to default to Shutdown in XP
    ... > Dom wrote: ... >> I have a client that needs to force all users when selecting shutdown ... thanks Malke, I'll see if the options are in Group Policy. ...
    (microsoft.public.windowsxp.general)
  • Re: How can you implement MSHTML.HTMLDocument in ASP???
    ... Client side or server side? ... Use XMLHttp object to get the content of the string and then parse it by ... we can get DOM object in OnDocumentComplete method. ...
    (microsoft.public.inetserver.asp.general)
Quantcast