Cross domain users unable to access file server

Question

Hi,

I have 2 domains, site A and B and have a 2 way trust configured.

Yesterday, I added a new UPN suffix to site B and enabling/disabling name suffix routing in the incoming/outgoing trust.

Upon deleting the UPN suffix, I realised that users from site A would not be able to authenticate to the file server of site B and will throw an error.

"The system cannot contact a domain controller to service the authentication request. Please try again later"

when I tried to connect to the NAS in site B using a computer domain joined to site A, I get an error.

"The name or security ID (SID) of the domain specified is inconsistent with the trust information for that domain."

Users from site A has also turned into SIDs only in the file server.

I did not configure anything in the DNS server so I am not sure what went wrong.

Answer 1

Hello ETSX，

It sounds like there may be an issue with the trust relationship between the two domains. Here are some things you can try:

1. Verify that the trust relationship still exists and is functioning properly. You can do this by running the "nltest /sc_verify:<domain name>" command on the domain controller in each domain.
2. Verify that the DNS records of the domain controllers in the two domains are correct and up-to-date. The two domains can resolve domain names to each other through the DNS service.
3. Check the security settings on the file server to ensure that users in both domains have appropriate permissions.
4. When configuring trust, make sure to open the ports used by the trust function in the enterprise gateway firewalls of both parties.

Best regards,

Qiuyang