AnsweredAssumed Answered

Windows Authentication (IWA/NTLM) on multi-domain using two-way AD trust

Question asked by Gabriele_Rusconi-Moviri on Nov 20, 2017
Latest reply on Nov 21, 2017 by Albert_Fernandez

Scenario (see attached image): we have 4 AD Domains (A.company.com, B.company.com, C.company.com, D.company.com) that are part of the forest COMPANY.COM. The four domains A, B, C and D are configured with a a two-way trust with another domain, called EXTRA.COM located on a different data-center. Finally the EXTRA.COM is configured with a two-way trust with the main forest domain COMPANY.COM.

 

 

Requirement: have Windows Authentication using NTLM for all the users of A, B, C and D domains.

 

Idea: configure IIS Web Server + Web Agent that manages the Windows Authentication scheme against the only one COMPANY.COM forest domain

 

Question: with this configuration NTLM Windows Authentication works for all the users of all the child domains A, B, C and D?

 

 

Thanks and regards,

Gabriele.

Outcomes