I have the following config
LDAP domain A where unity array is proposed to lie.
LDAP domain B where a number of CIFS/unix users reside
Domain A has a one way trust to Domain B.
Can unity array join domain A but resolve users in domain B for file access ?
The reason for this are convoluted security issues, so saying simply join unity array to LDAP domain B will not fly
I assume you really mean Active Directory domains since thats what we join - not LDAP domains
sure - as long as the trust is in the right direction
A one-way incoming trust allows users in your (trusted) domain to be authenticated in the other (trusting) domain, whereas a one-way outgoing trust allows users in the other (trusted) domain to be authenticated in your (trusting) domain.
more info available from Microsoft:
so how can we do two things;
1. do a network capture of the user authentication to see what is happening when it denies access.
2. Is there a way of testing whether access is allowed/denied to a file and if denied where in the process it is denied like server_cifssupport <movername> --accessright ( yes I know its a VNX command )