Questions tagged as ['trust-relationship']

Score: 0
rmarles avatar
Cannot RDP across one-way forest trust from child domain
sz flag

We have an AD identity forest with a one-way incoming transitive forest trust from a resource forest. Name suffix routing is enabled.

Users in the identity forest root domain can RDP to hosts joined to the resource forest


Users in the identity forest child domain cannot RDP to a host in the resource forest - they get an error message "The security database on the server does not have a compute ...

Score: 0
Chris Stankevitz avatar
Cannot live migrate VM from certain user on certain host
in flag


Forest A Forest B
Forest ForestA ForestB
Domain DomainA DomainB
Computers ComputerA1, ComputerA2 (none)
User UserA UserB


  • ForestA trusts ForestB
  • ForestB trusts ForestA
  • UserA is an administrator of ComputerA1 and ComputerA2
  • UserB is an administrator of ComputerA1 and ComputerA2

Moving VMs with Hyper-V

I have Hyper-V running on ComputerA1 and ComputerA2. I have Hy ...

Score: 0
Chris Stankevitz avatar
"logon session does not exist" when cmdlet wrapped in do-nothing Invoke-Command
in flag

While logged into HOST1, my user can successfully run this powershell command to move a running VM from HOST1 to HOST2:

Move-VM -Name DC02 -DestinationHost HOST2 -IncludeStorage -DestinationStoragePath "V:\Virtual Machines\DC02"

However, this command (which does the same thing because HOST1 is localhost) fails:

Invoke-Command {
  Move-VM -Name DC02 -DstinationHost HOST2 -IncludeStorage -DestinationSto ...
Score: 0
How can I force Active Directory integrated DNS to only return SRV records for specific domain controllers based on the subnet of the client?
fr flag

I have a set of several offices joined using various combinations of IPsec VPNs and an MPLS network. The majority of sites form a mesh arrangement using the VPNs, but site B only has a single IPsec VPN to site A - site B cannot reach any of the other sites (sites C, and D).

Sites A, C, and D all share an Active Directory domain, say "". Domain controllers for are located  ...

Score: 1
user2956014 avatar
Unable to rename the DN using trusted domain user credentials
in flag

I have two AD in which two-way trusts relationship(forest and transitive) exists. Trusted domain are and

I created a AD-User(TEST1) in using administrator credentials of trusted domain ( But I am not able to rename the computer username from TEST1 to TEST2 using administrator credentials of

I can see ldap_rename is giving the error insuffici ...

Score: 1
Chris Stankevitz avatar
Forest trust: SPN mismatch for non-fully-qualified name
in flag


All computers running Windows Server 2019.

Domain A

Item Value Fully Qualified
Domain Name DomainA DomainA.local
User UserA UserA@DomainA.local
Server FileServer FileServer.DomainA.local

Domain B

Item Value Fully Qualified
Domain Name DomainB DomainB.local
User UserB UserB@DomainB.local
Server FileServer FileServer.DomainB.local
Worksation WorkStation WorkStation.D ...
Score: 1
Manu avatar
Apache Guacamole Login with User from DomainA, rdp to Server from DomainB
us flag


We log into Gucamole with a User from DomainA where we select a rdp-connection to a server from DomainB.


DomainA to DomainB and vice versa:

  • Type: External
  • Kerberos AES Encryption support: no
  • Direction: two-way
  • Transitivity: no
  • Authentication: Domain-wide


User from DomainA has been joined to the local Remote Desktop Users group on the Server from DomainB. Have temporarily al ...