Hi @Alessio L
If the user get a popup when he try to access on a share in another that means that SSO based on kerberos protocol is not working between domaA and DomB to access on this share.
If kerberos works , the user will access on share silentcy. You should check the kerberos settins beteen the both domain:
UPN suffix routing, : you can check it in trust properties betwwen the domains. This settings helps user to find target domain when he try to authenticate via kerberos protocol to a share or another application hosted in trusted domain
SPN : is required to configure kerberos protocol on server which hosts the share.
Network : you have to check if required ports for kerneros is alreday opened.
You can launch a netwoork capture on impacted client machineto more understand and get more details why the user is not authenticated at first time.
Please don't forget to mark helpful answer as accepted