when attempting to UNC to server/share in trusting domain, prompt for credentials (ADMT)

i have 2 domains/forests set up.   2 way trust, verified in both domains.  each domain member server has respective dns search order suffixes set up.  communication not problem.  i have done many sid translations , migrations far without problem.

however, admt is failing to authenticate to server in old domain because getting 'access denied' on admin$ share.   resolved - check make sure admt user member of local administrators group, check dns suffix search order correct, etc.

i have verified these things , still proving problem.  the reason appears when on admt (new domain dc), , unc admin$ share (or other test share set up, non-administrative, matter) - prompted credentials , greeted initial (access denied) requester dialog.

it appears if enter administrative account here old domain (same domain target server) - works.  but it's failing pass new domain (admt user) across trust , server.  

whether try unc servername or fqdn\share - still prompts access denied/enter credentials box.

is there may have missed?  

thnx

this user account has explicit permission on shares? or using group membership? if so, did migrate groups?

if accessing resonances using sid history, make sure disable sid filtering.

---

santhosh sivarajan | houston, tx
http://www.sivarajan.com/



posting provided no warranties,and confers no rights.

Windows Server  >  Directory Services