AD query for a user from a trusted domain (forest trust)
Hi! Been trying to solve this for a while, but can´t find how to do this... I have seen similar questions on the forum without response, maybe this time is the one! I have two domains, domain A and domain B. Domain A is configured to trust Domain B. Also, users from domain B belongs to some AD groups on domain A. I have setup an access policy, where users from domain A authenticate against domain A, and users from domain B authenticates agains domain B (two different AAA servers). This is working fine. My question is: How can I check the group membership of domain A groups for a user from domain B? I need to make a query to domain A asking the "memberOf" attr for a trusted user which is originally from domain B. If I try to do this, que AD Query does not found the user, as the CN, sAMAccountName, SID, and GUID for the domaing B user are not the same in domain A. Any ideas on how to achieve this? Regards, Gerar