Cross Domain authentication between Windows 2012 R2 domains

Hello,
I am trying to figure out if this is possible.
We have 2 companies that have a VPN between them.
I can ping their PCs and access their servers by name no issues.
What I am trying to do is set up cross domain authentication.
So their credentials can be authenticated without creating an account for them on our local network (and vice versa).
This way I can create a share on our domain and they will be able to access it without needing to log on with different credentials.
Thank you.

We have Meraki with Site to Site VPN.
Site-to-site firewall:

Policy  Protocol  Source  Src port  Destination  Dst port  Comment
Allow   Any       Any     Any       Any          Any       Default rule

So as you can tell we don't block anything at all.
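Added worked example, not from the original post: the checks and commands a domain admin would run from one of our DCs before and while building the trust that makes this work (their users authenticate against their own DCs through the trust, so no local accounts are needed). The domain names, DC addresses, OU path, NetBIOS name and group/share names are assumptions. The `netdom` invocation creates an external two-way trust; for a forest (transitive) trust, create it in Active Directory Domains and Trusts instead and keep the verification and hardening steps below.

```powershell
# Added example (not from the post): prerequisite checks and trust creation for authenticating
# the partner company's users on our shares. Names, addresses and paths are assumptions.
$ourDomain     = 'corp.ourcompany.local'          # assumed: our domain
$partnerDomain = 'corp.partner.local'             # assumed: their domain
$partnerDcIPs  = @('10.20.0.10', '10.20.0.11')    # assumed: their DCs, reachable through the VPN

# 1. Name resolution. A trust is created and used by DNS name, so our DNS must resolve their
#    domain (and theirs ours): a conditional forwarder on each side, pointing at the other
#    side's DCs. ReplicationScope Forest makes the forwarder available on all our DCs.
if (-not (Get-DnsServerZone -Name $partnerDomain -ErrorAction SilentlyContinue)) {
    Add-DnsServerConditionalForwarderZone -Name $partnerDomain -MasterServers $partnerDcIPs -ReplicationScope Forest
}
# The DC locator record must now resolve; if it does not, nothing below can work.
$srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$partnerDomain" -Type SRV -ErrorAction Stop
'DCs for {0}: {1}' -f $partnerDomain, (($srv | Where-Object Type -eq 'SRV').NameTarget -join ', ')

# 2. Reachability. The Meraki rule allows everything, but routing or host firewalls on the
#    partner side can still drop traffic, so test the ports a trust actually uses.
$trustPorts = @(
    @{ Port = 53;   Name = 'DNS' },          @{ Port = 88;   Name = 'Kerberos' },
    @{ Port = 135;  Name = 'RPC mapper' },   @{ Port = 389;  Name = 'LDAP' },
    @{ Port = 445;  Name = 'SMB' },          @{ Port = 464;  Name = 'Kerberos kpasswd' },
    @{ Port = 636;  Name = 'LDAPS' },        @{ Port = 3268; Name = 'Global Catalog' }
)
foreach ($dc in $partnerDcIPs) {
    foreach ($p in $trustPorts) {
        $ok = (Test-NetConnection -ComputerName $dc -Port $p.Port -WarningAction SilentlyContinue).TcpTestSucceeded
        '{0,-14} {1,5}  {2,-18} {3}' -f $dc, $p.Port, $p.Name, $(if ($ok) { 'open' } else { 'BLOCKED' })
    }
}
# RPC also needs the dynamic range (TCP 49152-65535 on 2008 and later); TCP 135 alone is not enough.

# 3. Create the two-way trust. netdom prompts for credentials on both sides ('*' = prompt).
netdom trust $ourDomain /Domain:$partnerDomain /Add /TwoWay `
    /UserD:"$partnerDomain\Administrator" /PasswordD:* `
    /UserO:"$ourDomain\Administrator" /PasswordO:*

# 4. Selective authentication. Without it every partner user lands in our "Authenticated Users"
#    and can read whatever that group can read; with it they can only authenticate to computers
#    on which we grant "Allowed to Authenticate" explicitly (the file server, in this case).
netdom trust $ourDomain /Domain:$partnerDomain /SelectiveAUTH:yes
netdom trust $ourDomain /Domain:$partnerDomain /Verify
Get-ADTrust -Filter "Name -eq '$partnerDomain'" |
    Format-List Name, Direction, ForestTransitive, SelectiveAuthentication, SIDFilteringQuarantined

# 5. Grant access the AGDLP way: their global group goes into a domain-local group of ours and
#    only our group appears on the share and NTFS ACLs. A member from another domain is stored
#    as a foreign security principal, so the group is added by SID rather than by DN.
$theirGroup = Get-ADGroup -Identity 'Share Users' -Server $partnerDomain           # assumed group name
New-ADGroup -Name 'Partner-Share-Readers' -GroupScope DomainLocal -Path 'OU=Groups,DC=corp,DC=ourcompany,DC=local'
Set-ADGroup -Identity 'Partner-Share-Readers' -Add @{ member = "<SID=$($theirGroup.SID.Value)>" }
Grant-SmbShareAccess -Name 'PartnerData' -AccountName 'CORP\Partner-Share-Readers' -AccessRight Read -Force
```

Run the DNS and port checks on both sides before touching `netdom`; a trust wizard failure almost always turns out to be a name-resolution or port problem. Leave SID filtering (quarantine) enabled on an external trust: it is what stops a compromised partner domain from injecting our SIDs into a token via SIDHistory.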

Similar Messages

  • Support NTLM authentication against Windows 2012 RD Gateway on iOS/Android

    iOS/Android clients use only Basic authentication against Windows 2012 RD Gateway (HTTP transport), while it provides more secure options like NTLM. Both Windows and Mac clients use NTLM in that case.

    Hi,
    For this you can specify the policy setting for “RD Gateway authentication mode” under the path below.
    User Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\RD Gateway
    In addition you can refer to the article below if you find it helpful in your case.
    Remote Desktop Gateway client fails authentication with “Your user account is not authorized to access the RD Gateway”
    http://blogs.technet.com/b/networking/archive/2010/01/14/remote-desktop-gateway-client-fails-authentication-with-your-user-account-is-not-authorized-to-access-the-rd-gateway.aspx
    Hope it helps!
    Thanks.
    Dharmesh Solanki
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

  • 0x80070035 Across WAN between Windows 2012/8 Computers

    Head scratcher on this one. Network shares/servers running Windows 2012 are inaccessible across the WAN, but only when it is a Windows 2012 or 8 client. Here is a basic view of what is happening:
    If a user in NoCal tries to access information from a Windows 8.1 machine on any share on a Windows 2012 R2 server located in SoCal, you get
    "Windows cannot access \\SoCal2012" and the error is
    0x80070035. If the same user tries to get information from a SoCal Windows 2008 R2 server, success. If that same NoCal user tries from a Windows 7 computer, to either a 2012 or 2008 server in the SoCal office, success.
    Same issue going from SoCal to NoCal with the same outcomes using Windows 8 or 7 and accessing Windows 2008 or 2012 servers located in NoCal. This is also true when logged into a Windows 2012 server and trying to access a Windows 2012 server across the WAN.
    Locally there is no issue. Windows 8 or 7 can access the local servers with no issues.
    Some of the things I've looked at were NetBIOS over TCP/IP, firewall settings for Domain, Private and Public, and RequireSecuritySignature on SMB. Looked into Audit Policy for removable storage and Object access. Now I am posting here. It seemed to be working for a minute last night before I left work, and the issue is back this morning.
    Any help solving this riddle would be appreciated.

    Hi,
    Above all I would like to know if it is a DNS resolution related issue.
    As you are accessing the server via NetBIOS name, please make sure that the DNS suffix is displayed correctly in Advanced TCP/IP settings.
    Also you can try an nslookup, or accessing the server with the FQDN (\\server.domain.com) to see the result.
    SMB negotiation could also cause the issue. If this is the case you will need to capture packets with Network Monitor to get the connection process. Find the packet with the error and let us know the exact information.
    Detailed information could be found:
    Microsoft SMB Protocol Packet Exchange Scenario
    http://msdn.microsoft.com/en-us/library/windows/desktop/aa365236(v=vs.85).aspx
    And this is the article for using Network Monitor to capture network traffic. You can upload your capture to an online storage such as OneDrive - please note the capture could be accessed by anyone, so it is fine if you are not willing to share it online.
    How to use Network Monitor to capture network traffic
    http://support.microsoft.com/kb/812953/en-us
    If you have any feedback on our support, please send to [email protected]
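Added example, not from the thread: a PowerShell check that runs the reply's suggestions in order (short name vs FQDN resolution, TCP 445 across the WAN, then the SMB dialect and signing settings that differ between a 2008 R2 and a 2012 R2 server), so the 2012-vs-2008 difference the poster sees can be pinned to negotiation or to name resolution. The server and share names are assumptions.

```powershell
# Added example (not from the thread): narrow down 0x80070035 ("network path not found") against
# a remote share. Server FQDN and share name are assumptions; run it on the failing client.
function Test-SmbPath {
    param(
        [string]$Server = 'SoCal2012.corp.example.local',   # assumed FQDN of the 2012 R2 server
        [string]$Share  = 'Data'                            # assumed share
    )

    # 1. Name resolution. The short name depends on the DNS suffix search list (or on NetBIOS
    #    across the WAN); the FQDN depends only on DNS. If one resolves and the other does not,
    #    that is the cause, not SMB.
    $short = ($Server -split '\.')[0]
    foreach ($n in @($short, $Server)) {
        $a = Resolve-DnsName -Name $n -Type A -ErrorAction SilentlyContinue
        $addr = if ($a) { (($a | Where-Object Type -eq 'A').IPAddress) -join ', ' } else { 'NOT RESOLVED' }
        '{0,-36} -> {1}' -f $n, $addr
    }

    # 2. TCP 445 end to end. Windows 8 / 2012 clients use direct-hosted SMB only; they do not fall
    #    back to the NetBIOS session port (139) that Windows 7 still tries.
    $tcp = Test-NetConnection -ComputerName $Server -Port 445 -WarningAction SilentlyContinue
    'TCP 445 to {0}: {1}' -f $Server, $(if ($tcp.TcpTestSucceeded) { 'open' } else { 'BLOCKED' })

    # 3. Negotiated dialect and signing. 2012 R2 <-> 8.1 negotiates SMB 3.x; 2008 R2 negotiates
    #    SMB 2.1. A device on the WAN that only understands older dialects breaks exactly the
    #    pairing the poster describes. Get-SmbConnection shows what was actually negotiated.
    $path = "\\$Server\$Share"
    if (Test-Path -LiteralPath $path) {
        Get-SmbConnection -ServerName $Server |
            Select-Object ServerName, ShareName, Dialect, Signed, Encrypted
    } else {
        "Connect to $path failed: $((Get-Item -LiteralPath $path -ErrorAction SilentlyContinue | Out-Null); $Error[0].Exception.Message)"
    }

    # 4. Client-side signing settings; compare with Get-SmbServerConfiguration on the server.
    #    RequireSecuritySignature on both ends with a mismatched policy is a classic cause.
    Get-SmbClientConfiguration |
        Select-Object RequireSecuritySignature, EnableSecuritySignature, EnableMultiChannel
}

Test-SmbPath
# Packet capture without Network Monitor, if the SMB negotiate itself needs to be inspected:
#   netsh trace start capture=yes tracefile=C:\smb-fail.etl
#   ...reproduce the failure...
#   netsh trace stop
```

If step 1 shows the short name unresolved across the WAN, fix the DNS suffix search list (or use the FQDN in the UNC path) before looking at SMB at all. If step 3 shows SMB 3.x negotiating locally but the connection failing only over the WAN, look for a WAN accelerator or firewall that inspects SMB.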

  • Exporting and Importing Virtual servers with Windows 2012 R2 Hyper V

    Hi
    We are looking for various options / best practice in exporting and importing VSs between Windows 2012 R2 servers. Live migration we tested between servers in same VLAN and it's fine, but some servers are in different VLAN and hardware firewall is there
    in between. So we exported the VS and while importing it, there is no option to export each Virtual disk to separate partitions / LUNs. Is it fine to create a new VS in the new server and just copy the VDs from the other HV host server, or exporting and importing
    is the only proper method?
    Thanks in advance
    LMS

    Hi Laljeev,
    Please allow me to state my understanding of the two methods:
    1. When you want to copy the VHD you may need to shut down the VM; furthermore, if there are some snapshots I think it will be trouble.
    2. With "export" you still need to shut down the VM, but it doesn't have the trouble with snapshots.
    The other way I would use is to "move" all of the VM's data to an external disk and then import it into the destination Hyper-V server (it can decrease the offline time of VMs).
    Best Regards
    Elton Ji
    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.
    Elton, in Windows Server 2012 R2, we do not need to shut down the VM to export it via the Hyper-V Manager GUI or PowerShell...
    Sam Boutros, Senior Consultant, Software Logic, KOP, PA http://superwidgets.wordpress.com (Please take a moment to Vote as Helpful and/or Mark as Answer, where applicable) _________________________________________________________________________________
    Powershell: Learn it before it's an emergency http://technet.microsoft.com/en-us/scriptcenter/powershell.aspx http://technet.microsoft.com/en-us/scriptcenter/dd793612.aspx
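Added example, not from the thread: the export-while-running plus import sequence Sam refers to, in PowerShell, placing configuration, virtual disks and checkpoint files on separate volumes on the destination host (the per-file placement the poster could not find in the GUI). Host names, the VM name, the staging share and the destination paths are assumptions, and the `.xml` configuration file name assumes a 2012 R2 export.

```powershell
# Added example (not from the thread): export a running VM from one 2012 R2 host and import it on
# another, choosing where each file type lands. Hosts, VM name and paths are assumptions.
$vmName = 'APP01'
$srcHost = 'HV-A.corp.example.local'
$dstHost = 'HV-B.corp.example.local'
$stage   = '\\FILES01\vmstage'      # SMB share both hosts can reach through the firewall (TCP 445)

# 1. Export while running. 2012 R2 takes a consistent copy including checkpoints (.avhdx chain and
#    their parent pointers), which a plain copy of the .vhdx files would silently break.
Export-VM -ComputerName $srcHost -Name $vmName -Path $stage

# 2. Import on the destination. -Copy leaves the export intact; -GenerateNewId avoids a duplicate
#    VM ID if the source VM keeps running; each *Path parameter places one file type.
$config = Get-ChildItem -Path (Join-Path $stage "$vmName\Virtual Machines") -Filter '*.xml' |
          Select-Object -First 1
if (-not $config) { throw "No VM configuration found in the export at $stage" }
Import-VM -ComputerName $dstHost -Path $config.FullName -Copy -GenerateNewId `
    -VirtualMachinePath  'C:\Hyper-V\Config' `
    -VhdDestinationPath  'D:\Hyper-V\Disks' `
    -SnapshotFilePath    'E:\Hyper-V\Checkpoints' `
    -SmartPagingFilePath 'C:\Hyper-V\Paging'

# 3. Sanity checks before first start: disks where expected, network adapter VLAN as on the source.
Get-VM -ComputerName $dstHost -Name $vmName | Select-Object Name, State, Generation, Path
Get-VMHardDiskDrive -ComputerName $dstHost -VMName $vmName | Select-Object ControllerType, ControllerLocation, Path
Get-VMNetworkAdapter -ComputerName $dstHost -VMName $vmName | Get-VMNetworkAdapterVlan

# 4. The export contains the full disk image (credentials, keys, everything on it). Remove it from
#    the staging share once the import is verified, and keep that share's ACL to the two hosts.
Remove-Item -Path (Join-Path $stage $vmName) -Recurse -Force
```

Using a staging share means only TCP 445 needs to cross the firewall between the VLANs, instead of the Live Migration port set; the trade-off is the disk image sitting on a share for the duration, which is why step 4 is not optional.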

  • Problem authenticating user in Active Directory cross domain

    Hi,
    We have two different AD servers serving our London and Tokyo networks. My application runs in London network but used by both London and Tokyo users.
    The two ADs have domain trust setup between them. I have groups defined in London AD to which users from both the London and Tokyo ADs are assigned.
    I'm trying to connect to London AD using the "user's credentials" and retrieve the groups they are assigned to.
    I can connect to the London AD using any of the London users and I can retrieve the groups. But when I use a Tokyo user's credentials to connect using the London AD server I'm getting a security exception with a code indicating "User Not Found".
    The code I use which is very basic is given below . The code below run as such gives me the following error,
    [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece.
    If I change in the code below, Provider URL to Tokyo AD Server URL then it works but I can't use that due to security restrictions. As per the Windows Team the domain trust should allow me to connect/bind to the London AD Server with the Tokyo credentials.
    import java.util.Hashtable;
    import javax.naming.Context;
    import javax.naming.NamingException;
    import javax.naming.ldap.InitialLdapContext;
    import javax.naming.ldap.LdapContext;

    // Simple bind to the London DC with the user's own credentials. Note: a simple bind sends the
    // password in clear text unless the provider URL is ldaps://.
    Hashtable<String, String> env = new Hashtable<>();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, "london ldap server url");
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.REFERRAL, "follow");
    env.put(Context.SECURITY_PRINCIPAL, "[email protected]");
    env.put(Context.SECURITY_CREDENTIALS, "password");
    env.put(LdapContext.CONTROL_FACTORIES, "com.sun.jndi.ldap.ControlFactory");
    // Throws NamingException on failure; AD reports bad credentials as LDAP error code 49
    LdapContext ctx = new InitialLdapContext(env, null);
    I would like to know how to authenticate a user in a cross domain Active Directory environment. I read in one of the blogs that the "simple bind" will not work for cross domain user authentication. Unfortunately the blogger didn't mention what would work :( . Any help is much appreciated.
    Please bear with me if my query is a naive one and point me in the right direction.
    Thanks
    Jothi

    Hi Praveen,
    to avoid losing data when user objects are moved to new locations in the LDAP server, it is possible to configure the User Management Engine to use the value of a specific unique attribute as part of the unique ID instead of the distinguished name.
    For this, you have to change the following UME properties:
    For user objects: ume.ldap.unique_user_attribute=<attributename>
    For account objects: ume.ldap.unique_uacc_attribute=<attributename>
    For group objects: ume.ldap.unique_grup_attribute=<attributename>
    Be aware that the attribute (i.e. cn or uid) must be unique in the configured user/group path.
    Please read SAPNote 777640 for more information regarding this problem and the way to change the UME properties.
    Best regards,
    Robert
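Added example, not from the thread (the reply above concerns SAP UME, not this question): the same task in PowerShell with System.DirectoryServices.Protocols. The bind uses Negotiate (Kerberos with NTLM fallback) instead of a simple bind, so the London DC passes the Tokyo user's logon to a Tokyo DC through the trust, and the password never crosses port 389 in clear text. The group lookup then reads the memberOf of the user's foreign security principal object in London, which is how membership of users from a trusted domain is stored. Server names, base DN, domain and user name are assumptions; the script assumes it runs on a London-joined machine.

```powershell
# Added example (not from the thread): authenticate a trusted-domain (Tokyo) user against the
# London DC and list the London groups the user belongs to. Names and DNs are assumptions.
Add-Type -AssemblyName System.DirectoryServices.Protocols
$londonDc   = 'dc01.london.example.local'        # assumed
$londonBase = 'DC=london,DC=example,DC=local'    # assumed
$userDomain = 'TOKYO'                            # assumed NetBIOS name of the trusted domain
$userName   = 'jothi'                            # assumed

$secure = Read-Host -Prompt "Password for $userDomain\$userName" -AsSecureString
$bstr   = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($secure)
$plain  = [System.Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr)
[System.Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr)
$cred   = New-Object System.Net.NetworkCredential($userName, $plain, $userDomain)

$id   = New-Object System.DirectoryServices.Protocols.LdapDirectoryIdentifier($londonDc, 389)
$conn = New-Object System.DirectoryServices.Protocols.LdapConnection(
            $id, $cred, [System.DirectoryServices.Protocols.AuthType]::Negotiate)
# Negotiate: the DC authenticates the user via Kerberos/NTLM and forwards the request over the
# trust when the account is not in its own domain. With a simple bind the DC must map the name
# to an account itself; "data 525" in the error above is AD's "user not found" for that lookup.
$conn.SessionOptions.ProtocolVersion = 3
$conn.SessionOptions.Signing = $true
$conn.SessionOptions.Sealing = $true
try {
    $conn.Bind()
} catch [System.DirectoryServices.Protocols.LdapException] {
    throw "Bind as $userDomain\$userName failed: $($_.Exception.Message) / $($_.Exception.ServerErrorMessage)"
}

# London stores a trusted-domain user as a foreignSecurityPrincipal object named after the user's
# SID, and a London group's 'member' attribute holds that object's DN. So: SID -> FSP -> memberOf.
$sid = ([System.Security.Principal.NTAccount]"$userDomain\$userName").Translate(
           [System.Security.Principal.SecurityIdentifier]).Value
$filter = "(&(objectClass=foreignSecurityPrincipal)(objectSid=$sid))"
$req  = New-Object System.DirectoryServices.Protocols.SearchRequest($londonBase, $filter, 'Subtree', @('memberOf'))
$resp = $conn.SendRequest($req)

if ($resp.Entries.Count -eq 0) {
    "No foreignSecurityPrincipal for $sid in London: the user is not a direct member of any London group."
} else {
    "London groups containing $userDomain\$userName :"
    $resp.Entries[0].Attributes['memberOf'].GetValues([string]) | Sort-Object
}
$conn.Dispose()
```

memberOf on the FSP lists direct memberships in the London domain only; nested membership needs a recursive search or a tokenGroups read on the user's own account in Tokyo. If the application cannot use Negotiate and must keep a simple bind, at least move it to LDAPS, and try the `DOMAIN\user` form of the principal, which the DC can route through the trust without needing the UPN suffix to be resolvable locally.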

  • Windows 2012 Domain Controller NETLOGON error

    We have Sonicwall
    firewall user authentication System active since last two months. We have Windows 2012 Active directory server setup
    with around 1400 user account created. These accounts were created by using following PowerShell scripts
    Import-Module ActiveDirectory

    # Import the CSV of users (columns used: UserName, Name, Password)
    $csv = Import-Csv -Path 'C:\Users\Administrator\Desktop\College User Ac Password Details\FE\civil.csv'

    foreach ($Person in $csv) {
        $name        = $Person.UserName
        $displayname = $Person.Name
        $path        = 'OU=FE,DC=comp,DC=com'
        $password    = $Person.Password
        $enabled     = $True
        $changePW    = $False
        $description = 'CIVIL'

        # Create the account enabled, with the CSV password, no change required at first logon
        New-ADUser -SamAccountName $name -Name $name -Description $description `
            -DisplayName $displayname -Path $path `
            -AccountPassword (ConvertTo-SecureString $password -AsPlainText -Force) `
            -Enabled $enabled -ChangePasswordAtLogon $changePW -PassThru
    }
    The above script reads a CSV file with usernames and passwords and creates user accounts in Active Directory.
    But since today we are facing an issue during the authentication process. We are unable to log on to the directory server. When the SonicWall firewall tries to authenticate a user, it logs out the same user. When I checked the event log on the Windows Active Directory server it
    shows the following message.
    The dynamic registration of the DNS record 'ForestDnsZones.comp.com. 600
    IN A 192.168.0.12' failed on the following DNS server:
    DNS server IP address: 216.37.64.6
    Returned Response Code (RCODE): 5
    Returned Status Code: 9017
    For computers and users to locate this domain controller, this record must be registered in DNS.
    USER ACTION
    Determine what might have caused this failure, resolve the problem, and initiate
    registration of the DNS records by the domain controller. To determine what might have
    caused this failure, run DCDiag.exe. To learn more about DCDiag.exe, see Help and
    Support Center. To initiate registration of the DNS records by this domain
    controller, run 'nltest.exe /dsregdns' from the command prompt on the domain
    controller or restart Net Logon service. Or, you can manually add this record to DNS,
    but it is not recommended.
    ADDITIONAL DATA
    Error Value: DNS bad key.
    The above log entry talks about a DNS issue. But I did not configure any DNS server on this machine. Authentication was working fine for the last
    two months, but suddenly from today we are facing the above issue. Kindly help me out in resolving this issue.

    hi,
    I'm not sure of your setup and don't understand where your SonicWall comes in.
    The error with the DNS is that the server is trying to register its DNS entries on the server with the public IP address
    216.37.64.6, which I am assuming is your ISP's DNS server?
    How is the DNS configured on your domain controller? The domain controller should point to itself as its preferred DNS server.
    Regards,
    Denis Cooper
    MCITP EA - MCT
    Help keep the forums tidy, if this has helped please mark it as an answer
    Blog: http://www.windows-support.co.uk

  • Windows 2012 R2 - NPS in resource forest won't auteticate users in the user forest by UPN, only by DOMAIN\username

    Hi there
    I have recently setup a windows 2012 R2 NPS server (for WIFI auth) in our resource forest to replace an aging 2003 RADIUS server.
    The problem I am having is users logging in with their UPNs.
    To give some background, our user forest and domains look like company.local and a few child domains, department.company.local etc.
    Our resource domain is companyresources.com
    As we use Office 365 we had to add UPNs to our users called company.com and set them.
    The NPS cannot authenticate users when they use their [email protected] UPN.
    From logs:
    Network Policy Server denied access to a user.
    Contact the Network Policy Server administrator for more information.
    User:
        Security ID:                  NULL SID
        Account Name:                 [email protected]
        Account Domain:               -
        Fully Qualified Account Name: -
    Followed by event ID 4402:
    There is no domain controller available for domain DOMAIN.
    I believe it cannot translate the account name into an account domain when using the UPN we need for Office 365 ([email protected]).
    If I set a test user to a UPN of [email protected] it does (however we cannot do this because it will affect our Office 365 users):
    Network Policy Server granted access to a user.
    User:
        Security ID:                  DOMAIN\user1
        Account Name:                 [email protected]
        Account Domain:               DOMAIN
        Fully Qualified Account Name: DOMAIN\user1
    Or if I use DOMAIN\username:
    Network Policy Server granted full access to a user because the host met the defined health policy.
    User:
        Security ID:                  DOMAIN\user1
        Account Name:                 DOMAIN\user1
        Account Domain:               DOMAIN
        Fully Qualified Account Name: DOMAIN\user1
    Is there any way I can get my UPN authentication working from the resource domain, as I would prefer my users logging into WiFi with their UPNs since we have moved away from the DOMAIN\username method.
    Thanks

    Hi,
    According to your description, my understanding is that client using UPN can’t be authenticated by NPS server, event ID 4402.
    In general, when NPS is configured as a RADIUS server with the default connection request policy, NPS processes connection requests for the domain in which the NPS server is a member and for trusted domains.
    You may try to use realm names configured in connection request policies to ensure that connection requests are routed from RADIUS clients to RADIUS servers that can authenticate and authorize the connection request.
    You may reference the link below for detailed information:
    Realm Names
    https://technet.microsoft.com/en-us/library/cc731342(v=ws.10).aspx
    Using Pattern-Matching Syntax in NPS
    https://technet.microsoft.com/en-us/library/dd197583%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396
    Best Regards,
    Eve Wang
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]
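Added example, not from the thread: a PowerShell model of the User-Name rewrite that Eve's reply points to (a connection request policy's attribute manipulation rules, which use .NET-style regular expressions with `$1` for the first capture group), applied to the three names from the event log above, plus the two checks to run before changing the policy. The UPN suffixes, the rule list and the trust names are assumptions for this forest layout.

```powershell
# Added example (not from the thread): model the User-Name rewrite an NPS connection request
# policy applies before choosing the domain to authenticate against. Suffixes are assumptions.
function Convert-RadiusUserName {
    param(
        [Parameter(Mandatory)][string]$UserName,
        # Same shape as the policy's rules (Find / Replace), evaluated in order; first match wins.
        [object[]]$Rules = @(
            @{ Find = '^(.+)@company\.com$'; Replace = '$1@company.local' }   # Office 365 UPN -> routable suffix
        )
    )
    foreach ($rule in $Rules) {
        if ($UserName -match $rule.Find) {
            return [regex]::Replace($UserName, $rule.Find, $rule.Replace)
        }
    }
    return $UserName    # DOMAIN\user, bare sAMAccountName and already-routable UPNs pass through
}

# The three cases from the event log above (names are hypothetical).
foreach ($n in 'user1@company.com', 'user1@company.local', 'DOMAIN\user1') {
    '{0,-22} -> {1}' -f $n, (Convert-RadiusUserName -UserName $n)
}

# Check 1: the resource forest can only route a UPN suffix the forest trust knows about. List the
# trust's name suffixes and their status; a suffix added after the trust was created (company.com
# for Office 365) shows up disabled until it is toggled on, which is the alternative to rewriting.
netdom trust companyresources.com /Domain:company.local /NameSuffixes:company.local

# Check 2: the rewritten UPN maps to exactly one account, via the user forest's global catalog.
Get-ADUser -Server 'company.local:3268' -Filter "userPrincipalName -eq 'user1@company.local'" |
    Select-Object SamAccountName, UserPrincipalName, DistinguishedName
```

Test the rule on a single SSID or policy first: a rewrite that matches too broadly (for example `@company\.com` without the anchors) also rewrites `someone@company.com.evil` style names, and NPS logs show the rewritten name, not what the client sent.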

  • Is it possible to set up ADFS without domain admin rights in Windows 2012 R2?

    I've set up Windows 2012 R2 on my development box and want to enable the ADFS feature to test claims based authN. In ADFS 2.0, you could opt to install standalone and local admin privileges would be enough to install ADFS and authenticate against the domain
    AD.
    However, with the new ADFS, after installing the feature it asks to enter the credentials for an account that is a domain admin. Is it still possible to configure ADFS without domain admin privileges?

    Hi,
    According to my research, if you want to set up AD FS in Windows Server 2012 R2, each computer that functions as a federation server must be joined to an Active Directory domain.
    Besides, AD FS requires a certificate for SSL server authentication on each federation server in your federation server farm. Furthermore, you need membership in Administrators on the local computer to install the AD FS role service.
    For more detailed information, please refer to the links below:
    How to deploy AD FS in Windows Server 2012 R2
    http://technet.microsoft.com/en-us/library/dn303423.aspx
    Best regards,
    Susie

  • Can A Windows 2000 Client Join A Windows 2012 Domain ?

    I have set up a Server 2012 VM that I have configured as a DC.  The desktop environment consists of Windows 7, Windows XP and a few Windows 2000 machines.  All desktops can JOIN the 2012 domain, but when I try to add domain users to any of the
    Windows 2000 (SP4) workstations, it fails with the error "The trust relationship between this workstation and the primary domain failed".
    Unjoining the workstation from the domain (or going into ADUC and deleting the Win 2000 computer from the domain) and trying again yields the same result.  I do not have this problem when the Windows 2000 machines are joined to a Server 2008 R2 domain.
    At this point, I'm leaning towards setting it up as a 2008 R2 DC, and moving to a 2012 DC once we have weaned ourselves off of the Windows 2000 desktops.  Is there any hope of getting things to work with a 2012 DC from the start ?

    Hi,
    Based on my research, Windows 2000 clients are not supported with Windows 2012 DCs.
    Windows client and Windows Server operating systems that are supported to join Windows Server 2012 domains:
    The following Windows client and Windows Server operating systems are supported for domain member computers with domain controllers that run Windows Server 2012:
    Client operating systems: Windows 8, Windows 7, Windows Vista, Windows XP
    Computers that run Windows 8 are also able to join domains that have domain controllers that run earlier versions of Windows Server, including Windows Server 2003 or later. In this case however, some Windows 8 features may require additional configuration or may not be available. For more information about those features and other recommendations for managing Windows 8 clients in downlevel domains, see
    Running Windows 8 member computers in Windows Server 2003 domains.
    Server operating systems: Windows Server 2012, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003 R2, Windows Server 2003
    Cataleya Li
    TechNet Community Support

  • Joining Windows 2012 Server to SBS 2011 Domain

    Hi All,
    I have been trying to get a new Windows 2012 Server to join a SBS 2011 domain. The error message I am getting is:
    The following error occurred attempting to join the domain: xxxx. The specified domain does not exist or could not be contacted.
    I have a bunch of other Windows 7/XP workstations that have joined successfully. I have also tried disabling TCP/IP v6 on the 2012 server and joining the domain with the netdom command. The SBS 2011 server is listed as the primary DNS server on the 2012
    server.
    What else can I try here?
    Thanks,
    DR.

    I am having the same issue as the OP. I have my DNS settings pointing to the SBS server that hosts the domain and DNS. I am receiving the same error.
    Server 2012 R2 Standard
    SBS 2011 Essentials
    Jerry T

  • How to change the root domain name in window 2012 server

    Got a Windows 2012 server built up. My root domain name looks something like corp.marketing. Well, I seem to have missed adding the last .com or .local. How do I add the .com to my existing root domain name please? The server is new, and will
    go online in a few days' time. Thanks for all the help.

    I have a similar question and am not sure if this is the right place. I had set up a server with corp.brighterworld.com, but the install wizard's Anywhere Access had me believe that Microsoft's strongly preferred domain name prefix was remote.brighterworld.com, so
    I contacted GoDaddy and had it reissued as remote. But when I went to reconfigure for the new name, I had already set the server up as a CA, and in that process it issued like 4 or 5 certificates. So I tried to rebuild the machine from scratch, but
    it didn't wipe everything, but rather saved the previous state, which left the old certificate stuff to be dealt with. Any hints or help out here for us having to learn this stuff the hard way?
    Thanks,
    Mark Saxton

  • Windows 2012 R2 Active Directory Domain Services and Remote Desktop services Role on the same server.

    Findings: 
    Currently, Windows 2012 R2   AD DS role and RDS With Broker services can only seem to coexist properly in a new domain not an existing domain. Any attempt to add to an existing domain causes internal database user access denied issues and any attempt to
    adjust rights and circumvent is dubious at best.
    The escalation technician said it best. Out of 50 clients that want to do this, they end up not being able to help 5 right off the bat for whatever reason. As for the other 40 they might be able to help by running reports, adjusting rights and trying to add
    the roles until it works.  This can end up being a 20 day process. Basically they are playing whack-a-mole with user rights and permissions until something sticks.
    We tried creating an OU where any other domain policies would not be inherited to see if that was the issue, a fresh install with different sequence of adding the Roles, no effect.
    Given the errors I witnessed when running procmon and then trying to add the roles, the NT System and the Windows Internal database user had access denied issues on 100+ registry keys when trying to add the roles. After that the system is not behaving normally.
    The errors displayed almost mirror the errors that would occur on Windows 2012 when those two roles would be added which of course is officially NOT supported on that system.
    This blog needs serious revision:
    http://blogs.msdn.com/b/rds/archive/2013/07/09/what-s-new-in-remote-desktop-services-for-windows-server-2012-r2.aspx
    This is the excerpt from that blog: Single server RDS deployment including Active Directory. We now support running our RD Connection Broker role service on the same physical instance as an Active Directory Domain Controller.  In addition, we published
    guidelines for how RD Session Host could be used without the RD Connection Broker.
    Microsoft Support was courteous and helpful and they were the ones who advised cutting our losses, which mirrored my hunch after seeing what was transpiring in the system. They refunded my money for the support call.
    For me, it was an opportunity to find out if there was any way to configure Windows 2012 R2 in the Same manner that it was setup as Windows 2008 R2 and lay that to rest. The coexistence is poorly implemented. It is as if there was a reaction from all the deprecation
    of bread and butter features such as shadowing in TS and the coexistence of AD DS and RDS to where those features were re-added haphazardly. (I have no complaints on shadowing on Windows 2012 R2 it works, just do not like having to go to server manager to
    use it).
    I opted for virtualizing the domain controller to eliminate the incompatibility issues and that is what I will be doing from now on. I found free solutions for backing up and reporting for virtual machines as well as the suggested procedures for configuring
    a domain controller as a virtual machine on a Hyper-V environment and I will be sticking to those. Thus far the setup has been operational.
    I am not allergic to virtualization, but for really small setups it adds additional time and considerations but if that is how it has to be done, so be it. Windows 2008 R2 days are numbered and since we can usually squeeze 5-7 years on quality server equipment,
    buying a Windows 2008 R2 setup now is a borderline disservice in my opinion.
    Hopefully someone finds this useful and saves some time.

    Hi,
    Thank you for posting in Windows Server Forum.
    Do you need any other assistance?
    Based on your description, you are describing your story of successfully implementing RDS server with AD role and more regarding all RDS related scenario. For shadowing feature, you can use with command also. Below is the syntax to shadow a session.
    mstsc /v:<ServerName> /shadow:<SessionID>
    Hope it helps!
    Thanks.
    Dharmesh Solanki
    TechNet Community Support

  • 2012 R2 Hyper-V Replica and Cross Domain

    Customer would like to use Hyper-V Replica, but their local site and DR site are different domains.
    I know we need a certificate. Is there any guide for this? I didn't find any configuration document, thanks.

    Hi Sir,
    Please refer to the similar thread :
    https://social.technet.microsoft.com/Forums/windowsserver/en-US/420d239c-0475-480f-aa9c-c094d9ae226b/server-2012-hyperv-replication-cross-site-and-cross-domain?forum=winserverhyperv
    Also the article below is a lab test about hyper-v replica based on certificate :
    https://social.technet.microsoft.com/Forums/en-US/c3e309b6-1d5d-4e52-b859-cf36bd5af47d/forum-faq-how-to-implement-hyperv-replica-in-workgroup-environment?forum=winserverhyperv
    Best Regards,
    Elton Ji
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected] .
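Added example, not from the thread: the certificate-based Replica setup the linked threads describe, in PowerShell, split into the part run on the DR host and the part run on the primary. Kerberos needs a trust between the two domains; certificate authentication does not, which is why it is the right mode here. Host names, paths, the VM name and the trust-group label are assumptions, and both certificates are assumed to chain to a CA each host trusts (or to be self-signed and imported into the other host's Trusted Root store).

```powershell
# Added example (not from the thread): certificate-based Hyper-V Replica between two hosts in
# different, untrusted domains. Names, paths and the VM are assumptions.
$primary = 'HV-PROD.site-a.example.local'
$replica = 'HV-DR.site-b.example.local'
$vmName  = 'APP01'

# Replica requires a certificate in LocalMachine\My with a private key, the host's FQDN as subject,
# and both Server Authentication (1.3.6.1.5.5.7.3.1) and Client Authentication (1.3.6.1.5.5.7.3.2).
function Get-ReplicaCert([string]$HostFqdn) {
    Get-ChildItem Cert:\LocalMachine\My |
        Where-Object {
            $_.HasPrivateKey -and $_.Subject -like "*CN=$HostFqdn*" -and
            ($_.EnhancedKeyUsageList.ObjectId -contains '1.3.6.1.5.5.7.3.1') -and
            ($_.EnhancedKeyUsageList.ObjectId -contains '1.3.6.1.5.5.7.3.2')
        } | Sort-Object NotAfter -Descending | Select-Object -First 1
}

# ---- run on the replica (DR) host ----
$cert = Get-ReplicaCert $replica
if (-not $cert) { throw "No usable Replica certificate for $replica in LocalMachine\My" }
Set-VMReplicationServer -ReplicationEnabled $true `
    -AllowedAuthenticationType Certificate -CertificateThumbprint $cert.Thumbprint `
    -CertificateAuthenticationPort 443 `
    -ReplicationAllowedFromAnyServer $false -DefaultStorageLocation 'R:\Replica'
# Only the named primary may replicate here; any other certificate holder is refused.
New-VMReplicationAuthorizationEntry -AllowedPrimaryServer $primary `
    -ReplicaStorageLocation 'R:\Replica' -TrustGroup 'SiteA'
Enable-NetFirewallRule -DisplayName 'Hyper-V Replica HTTPS Listener (TCP-In)'

# ---- run on the primary host ----
$cert = Get-ReplicaCert $primary
if (-not $cert) { throw "No usable Replica certificate for $primary in LocalMachine\My" }
Enable-VMReplication -VMName $vmName -ReplicaServerName $replica -ReplicaServerPort 443 `
    -AuthenticationType Certificate -CertificateThumbprint $cert.Thumbprint -CompressionEnabled $true
Start-VMInitialReplication -VMName $vmName
Get-VMReplication -VMName $vmName | Select-Object VMName, State, Health, AuthenticationType, ReplicaServer
```

With self-signed certificates there is no CRL to check, so the revocation check Replica performs by default has to be turned off on both hosts (the `DisableCertRevocationCheck` value under `HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization\Replication`); with an enterprise or public CA leave it on. Only TCP 443 needs to be open from the primary to the DR site, and `-ReplicationAllowedFromAnyServer $false` plus the authorization entry is what stops any other host with a valid certificate from pushing VMs into the DR site.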

  • 2-way Trust Relationship between Windows and Mac Domain

    Hi guys I hope someone can help me.
    Just a quick explanation of what I am trying to do.
    I have an Xserve running OSX 10.5.8 server, which is the OD Master. On that server I’m running Kerio mail server. I have a Microsoft 2003 server running AD.
    The problem is I need to run BlackBerry Enterprise on the Windows server as the BlackBerry need active directory to work.
    Since I have both system already running, I do not want to destroy my open directory just to get the BlackBerry working.
    So what I have tried to do is create a 2-way Trust Relationship between the 2 domains, so the BlackBerry server will talk to the Kerio mail server.
    The trust relationship appears to create fine from the Windows server side, but I’m not able to retrieve LDAP information from the open directory server.
    The creation from the OSX server starts fine automated but then I had to finish it manually.
    Has anyone else here created a 2-way trust relationship between Windows and Mac’s before? Any help on how you did it would be appreciated. Thanks

    Have you checked when the computer last checked in and changed the computer account password with the domain? When a computer changes its password, Active Directory will store only the current password and it does not expire. The workstation
    will store both the current password and the previous password. This is for cases when you may restore Active Directory to a point before the computer password change.
    To handle this, the workstation will try its current password, then its previous one.
    If you're restoring the workstation to a previous point in time, you may be rolling the stored passwords back too far for Active Directory to accept. I would only imagine this to be the case a handful of times if you're going back 1-2 days.
    Are you experiencing 100% failure?
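    The check the reply above suggests, as an added example that is not part of the thread: read the machine account's PasswordLastSet and LastLogonDate from AD, compare them with the date of the restore point, and verify the secure channel from the workstation itself. The function names, the 30-day default and the computer name WS-EXAMPLE are assumptions for illustration; the cmdlets are the RSAT ActiveDirectory module and the built-in Test-ComputerSecureChannel.

```powershell
# Added example (not from the thread). Assumes the ActiveDirectory RSAT module and
# read access to computer objects. Function names and sample values are illustrative.
Import-Module ActiveDirectory

function Get-MachineAccountPasswordAge {
    param(
        [Parameter(Mandatory)] [string]   $ComputerName,
        # Date of the snapshot/restore point the workstation was rolled back to.
        [Parameter(Mandatory)] [datetime] $RestorePoint,
        # Member-side rotation interval; the default Netlogon MaximumPasswordAge is 30 days.
        [int] $MaxAgeDays = 30
    )
    $c   = Get-ADComputer -Identity $ComputerName -Properties PasswordLastSet, LastLogonDate
    $age = (Get-Date) - $c.PasswordLastSet
    [pscustomobject]@{
        ComputerName       = $c.Name
        PasswordLastSet    = $c.PasswordLastSet
        PasswordAgeDays    = [math]::Round($age.TotalDays, 1)
        LastLogonDate      = $c.LastLogonDate
        # AD keeps only the current machine password. If it was rotated after the restore
        # point, the restored workstation holds a stale current/previous pair and the
        # secure channel will fail until it is repaired.
        RotatedAfterRestore = ($c.PasswordLastSet -gt $RestorePoint)
        DueForRotation      = ($age.TotalDays -ge $MaxAgeDays)
    }
}

# Run on the workstation itself: test the secure channel and repair only when broken.
function Test-OrRepairSecureChannel {
    param([string] $Server)   # optional: a specific DC to test against
    $ok = if ($Server) { Test-ComputerSecureChannel -Server $Server } else { Test-ComputerSecureChannel }
    if ($ok) { return $true }
    # -Repair resets the machine account password on both sides; needs local admin
    # rights and a domain account allowed to reset the computer object's password.
    Test-ComputerSecureChannel -Repair -Credential (Get-Credential)
}

# Illustrative call: a workstation rolled back to a snapshot taken three days ago.
Get-MachineAccountPasswordAge -ComputerName 'WS-EXAMPLE' -RestorePoint (Get-Date).AddDays(-3) | Format-List
```

    If RotatedAfterRestore is true, the failure is expected rather than intermittent, and repairing the secure channel (or rejoining) is the fix; if it is false, the machine password is not the cause and the intermittent failures need another explanation.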

  • Windows 2012 R2 default domain controllers policy set to enforced

    Hi Guys,
    So I've migrated my domain from Windows 2003 R2 over to Windows 2012 R2 and so far everything is running ok. Had a few problems relating to orphaned DCs but have cleared this up now. However, I'm now trying to get to grips with using group policy. When I migrated, the old policy settings seemed to have come across and things seem to be still locked down ok, in relation to certain OUs. I run a network at our local college so I have a student container which applies a lock-down policy. All these GPOs were previously set up by someone else.
    I set up a test network at home before I did the said migration and am now comparing some group policy settings, namely the default ones, and I have noticed that the Default Domain Controllers Policy has been set to enforced on my newly migrated domain. At home on my test server I see it is not enforced by default and am wondering why this is? I have been reading up but I can't find anything that tells me it should be enforced, but I'm wary of disabling this setting. The students return on Monday so I don't want to mess it up at this stage.
    One thing that I did find odd is when I first opened up the GPOs, I was prompted with a message which stated that the policies in the SYSVOL folder were not consistent with the ones in AD, so I followed its recommendation to update.
    Any advice you guys have on this would be greatly appreciated.
    David

    > So I've migrated my domain from Windows 2003 R2 over to Windows 2012 R2
    > and so far everything is running ok.
    This does NOT touch any GPOs, so your GPOs are not "migrated" or
    something like that - they are still what they were before.
    > enforced on my newly migrated domain. At home on my test server i see it
    > is not enforced by default and am wondering why this is?
    "A severe misunderstanding of how group policy inheritance and link order
    works" is the closest reason I see for this. The DDCP is linked to
    "Domain Controllers", and as long as you do not create subordinate OUs
    there (which I've never seen) and block inheritance on them, there's no
    reason to enforce.
    To add my experience from the field: When I see enforced GPOs, in most
    cases this enforcement is not required. People simply use it because
    they do not understand "link order".
    > One thing that i did find odd is when i first opened up the GPO's, i was
    > prompted with a message which stated that the policies in the sysvol
    > folder where not consistent with the ones in AD so i followed its
    > recommendation to update.
    That's fairly ok and nothing to hassle about.
    Martin
    Ever read a
    GOOD book about GPOs?
    NO THEY ARE NOT EVIL, if you know what you are doing:
    Good or bad GPOs?
    And if IT bothers me - coke bottle design refreshment :))
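    A way to check Martin's point across a whole domain, as an added example that is not code from the thread: list every enforced GPO link and every container that blocks inheritance, then test whether a given enforced link (here the Default Domain Controllers Policy link on the Domain Controllers OU) has any blocked-inheritance descendant at all. The function names are assumptions; the cmdlets are the RSAT GroupPolicy and ActiveDirectory modules.

```powershell
# Added example (not from the thread). Assumes the GroupPolicy and ActiveDirectory RSAT
# modules on a domain-joined admin host. Function names are illustrative.
Import-Module GroupPolicy
Import-Module ActiveDirectory

function Get-GpoLinkAudit {
    param([string] $Domain = (Get-ADDomain).DNSRoot)
    # Every link target: the domain root plus all OUs.
    $targets = @((Get-ADDomain -Identity $Domain).DistinguishedName) +
               @(Get-ADOrganizationalUnit -Filter * -Server $Domain |
                 Select-Object -ExpandProperty DistinguishedName)
    foreach ($dn in $targets) {
        $inh = Get-GPInheritance -Target $dn -Domain $Domain
        # Containers that block inheritance are the only places where an Enforced link
        # higher up changes the outcome (Enforced also wins conflicts with GPOs linked lower).
        if ($inh.GpoInheritanceBlocked) {
            [pscustomobject]@{ Target = $dn; Finding = 'BlockInheritance'; Gpo = $null; Order = $null }
        }
        foreach ($link in $inh.GpoLinks) {
            if ($link.Enforced) {
                [pscustomobject]@{ Target = $dn; Finding = 'EnforcedLink'; Gpo = $link.DisplayName; Order = $link.Order }
            }
        }
    }
}

# Does an enforced link at this container have any descendant that blocks inheritance?
function Test-EnforcedLinkNeeded {
    param(
        [Parameter(Mandatory)] [string] $LinkTargetDn,
        [string] $Domain = (Get-ADDomain).DNSRoot
    )
    $descendants = Get-ADOrganizationalUnit -Filter * -SearchBase $LinkTargetDn `
                       -SearchScope Subtree -Server $Domain |
                   Where-Object { $_.DistinguishedName -ne $LinkTargetDn }
    $blocked = foreach ($ou in $descendants) {
        if ((Get-GPInheritance -Target $ou.DistinguishedName -Domain $Domain).GpoInheritanceBlocked) {
            $ou.DistinguishedName
        }
    }
    [pscustomobject]@{
        LinkTarget           = $LinkTargetDn
        DescendantsBlocking  = @($blocked)
        EnforcementHasEffect = (@($blocked).Count -gt 0)
    }
}

Get-GpoLinkAudit | Format-Table -AutoSize
# The thread's case: the Default Domain Controllers Policy link on the Domain Controllers OU.
Test-EnforcedLinkNeeded -LinkTargetDn ('OU=Domain Controllers,' + (Get-ADDomain).DistinguishedName)
```

    With no sub-OUs under Domain Controllers, EnforcementHasEffect is false, which is exactly the situation Martin describes: the Enforced flag on the DDCP link is doing nothing, and clearing it changes no resultant policy. Use Get-GPResultantSetOfPolicy or gpresult on a DC before and after to confirm.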
