Q about transitive forest trusts
Gerald (Jerry) Carter
jerry at samba.org
Thu Apr 5 15:27:42 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
I'm fishing for some info. Here's my test setup (domain names
in all caps):
CHERRY ---------> CORP
Both forests are operating in 2003 mode and the trust is
a one-way transitive forest trust.
If I join an XP client to the CHERRY domain, I do not see
the ENGR show up in the list of domains at the CTRL+ALT+DEL
logon box. I can logon to the XP client using UPN of a user
in the engr.corp.plainjoe.org domain.
The problem I have (and apparently Windows does as well) is that
DsEnumerateDomainTrusts() does not enumerate domains reachable
by the transitive trust with the CORP domain.
Has anyone played with the lsa_QueryTrustedDomainInfo()
in lsa.idl to know if that would give me more information
about the engr.corp.plainjoe.org domain in this example?
Basically I need to know the complete trusted forest heirarchy
and not just the direct outgoing trust to CORP.
Samba ------- http://www.samba.org
Centeris ----------- http://www.centeris.com
"What man is a man who does not make the world better?" --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the samba-technical