Or you could just get users accustomed to using UPNs for logon and avoid the "problem". :-)
Laura > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Grillenmeier, Guido > Sent: Friday, July 14, 2006 10:42 AM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Forest trust - domain drop down list > > yes Tony, this is standard behaviour - you'll only "see" > domains that are directly trusted. Trust type doesn't matter. > Even though a forest trust will be transitive to all child > domains by default, you'll have to use UPN to authenticate to > a child domain. Which is another reason why empty placeholder > roots don't really make an administrator's life easier... > The challenges continue for viewing objects of a trusted > child-domain accross a forest trust in the object picker - > afaik, it will also just show you the root domain (but you > can find objects in the child by searching the GC...) > > if you put in a normal external trust between your DomB and > the DomA2, you'll lose the benefit of kerberos authentication > from your forest trust (when choosing DomA2 in the logon > window). If that's ok for you, this is a solution, but then > you might as well get rid of the forest trust... > > /Guido > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray > Sent: Freitag, 14. Juli 2006 05:54 > To: ActiveDir@mail.activedir.org > Subject: [ActiveDir] Forest trust - domain drop down list > > Here's the scenario > > Forest trust between ForestA and ForestB. > ForestA has two domains DomA1 (placeholder root) and DomA2 > ForestB has one domain DomB > > Users from DomA2 sometimes log into DomB member machines. > DomA2 is not shown in the drop-down list of domain names in > the login dialog. > DomA1 is shown. > > Users from DomB sometimes log into DomA2 member machines. > DomB is not shown in the drop-down list of domain names ni > the login dialog. > > Is it normal behaviour for the drop-down list not to show all > the domains with trusts (including those that are transitive > via the forest trust)? If so, is there any way to change the > behaviour? > > The users can obviously login using UPN, but they are not > used to doing this and there is talk of putting in an > explicit domain trust between DomA2 and DomB simply to get > around this. Ugh. > > Tony > > > > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: http://www.activedir.org/ml/threads.aspx > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
