Grant folder permission to trusted forest domain issue

Keith-KH 1 Reputation point
2022-10-19T07:27:59.12+00:00

I have 2 forest domain and setup a two ways trust. Forest Trust (Two way)& Forest-wide authentication.
Domain A: Win Server 2012R2 x2
Domain B: Win Server 2012R2 & Server 2008

I try to grant folder permission on Domain A. I can reach and select users of Domain B but it prompt an error "The Active Directory Domain Controllers required to find the selected objects in the following domains are not available: <fqdn of domain b>"
251911-2.png
After that I check the two ways trust on Domain A. The prompt "Unable to read forest trust information from the other domain. The error is: Access is denied" when I click "refresh" on "Name Suffix Routing".
251868-1.png
The trust cannot be validated and prompt "The secure channel (SC) verification on Active Directory Domain Controller <Domain A> to domain Domain B failed with error: Access is denied".
251855-3.png
I can grant folder permission on Domain B and validate the trust on Domain B without any error. I confirm the firewall port "53, 88, 389, 445, 636, 135, 3268, 3269" between Domain A & Domain B have no problem. Also I applied the group policy "Network access: Named pipes that can be accessed anonymously" with "netlogon, samr, lsarpc" but it still not work.
Please help...

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,523 questions
0 comments No comments
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.