Can I prevent External Domain Trusts from seeing each other in the Security -> Locations Dialog?

Joe Costa 1 Reputation point
2021-06-30T18:17:00.63+00:00

I have a domain which has External, Non-Transitive Trusts with two other domains and Selective Authentication has been enabled.

These two other domains do not have any Trusts or locally configured DNS Stub Zones between each other.

In my domain I have a File Server which has shares configured for each external domain and access control works as expected.

Is it possible to configure the main domain to prevent the external domain from seeing each other in the Security -> Locations dialog?

110706-security.jpg

If it helps to put me on the right path, if I do not grant the "Allow to authenticate" right to users from the external domains on the Domain Controllers on the Main domain then users from those domain are not allowed to browse any Locations, including their own domains to apply ACEs in the File Server.

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,801 questions
0 comments No comments
{count} votes

3 answers

Sort by: Most helpful
  1. Vicky Wang 2,641 Reputation points
    2021-07-01T09:43:48.147+00:00

    Hi,

    Thank you for posting in our forum

    According to my knowledge, it is difficult to realize External Domain Trusts from seeing each other in the Security -> Locations Dialog

    I still need a little more time to research

    I will give you an update tomorrow

    Thank you for your understanding and support

    Best wishes

    Vicky

    0 comments No comments

  2. Vicky Wang 2,641 Reputation points
    2021-07-02T08:27:46.203+00:00

    What I understand is: suppose you have a DC1, and you have established external trusts with DC2 and DC 3 respectively. What you want to achieve is: DC2 and DC3 cannot see each other’s security->locations. If I understand it wrong, you can tell me

    But in fact, if such a situation is impossible to achieve, it can only be said to increase the authority settings and prevent other DCs from having operational authority. However, once the trust is established, it is impossible to achieve the restriction that the page is not shown.

    Hope this information can help you
    Best wishes
    Vicky


  3. Vicky Wang 2,641 Reputation points
    2021-07-05T06:44:10.303+00:00

    Hi,
    Just checking in to see if the information provided was helpful.
    Please let us know if you would like further assistance.
    Best Regards,
    Vicky

    0 comments No comments