Hi,
Just checking in to see if the information provided was helpful.
Please let us know if you would like further assistance.
Best Regards,
Vicky
Can I prevent External Domain Trusts from seeing each other in the Security -> Locations Dialog?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 32%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJC%3C/text%3E%3C/svg%3E)
Joe Costa
1
Reputation point
I have a domain which has External, Non-Transitive Trusts with two other domains and Selective Authentication has been enabled.
These two other domains do not have any Trusts or locally configured DNS Stub Zones between each other.
In my domain I have a File Server which has shares configured for each external domain and access control works as expected.
Is it possible to configure the main domain to prevent the external domain from seeing each other in the Security -> Locations dialog?
If it helps to put me on the right path, if I do not grant the "Allow to authenticate" right to users from the external domains on the Domain Controllers on the Main domain then users from those domain are not allowed to browse any Locations, including their own domains to apply ACEs in the File Server.
Windows for business | Windows Client for IT Pros | Directory services | Active Directory
3 answers
Sort by: Most helpful
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 28.999999999999996%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVW%3C/text%3E%3C/svg%3E)
Vicky Wang 2,741 Reputation points2021-07-05T06:44:10.303+00:00 -
Vicky Wang 2,741 Reputation points
2021-07-02T08:27:46.203+00:00 What I understand is: suppose you have a DC1, and you have established external trusts with DC2 and DC 3 respectively. What you want to achieve is: DC2 and DC3 cannot see each other’s security->locations. If I understand it wrong, you can tell me
But in fact, if such a situation is impossible to achieve, it can only be said to increase the authority settings and prevent other DCs from having operational authority. However, once the trust is established, it is impossible to achieve the restriction that the page is not shown.
Hope this information can help you
Best wishes
Vicky-
Joe Costa 1 Reputation point
2021-07-06T17:24:29.987+00:00 Hello Vicky, thank you for your reply.
Do you have links for documentation used for you reply?
Thank you
Sign in to comment -
-
Vicky Wang 2,741 Reputation points
2021-07-01T09:43:48.147+00:00 Hi,
Thank you for posting in our forum
According to my knowledge, it is difficult to realize External Domain Trusts from seeing each other in the Security -> Locations Dialog
I still need a little more time to research
I will give you an update tomorrow
Thank you for your understanding and support
Best wishes
Vicky