August 17, 2009 at 2:46 pm
Hi,
Our company recently bought another organisation.
In our primary domain (lets say DomainA) we have a Windows AD group named GroupA.
DomainA\GroupA has access to a database DB1 on our server.
Now all the Domain Users of this new organisation(DomainB) have been added to this GroupA.
Since all the users of new domain have been added to GroupA and GroupA has access to DB1, ideally a user in new domain (DomainB\UserB) should be able to access DB1. But this is not happening. All attempts to login to DB1 with DomainB\UserB fail with this error:
Login failed for user 'DomainB\UserB'
I am scratching my head and unable to understand why this could be happening.
Pls help.
Regards
August 17, 2009 at 3:04 pm
Please read this:
http://support.microsoft.com/kb/231273
Do you think that your issue may deal with catalog replication? This is the quote from the article:
"Global group membership for a user is evaluated when that user logs on to a domain. Because global group membership is domain-centric, changes in global group membership do not impose global catalog replication throughout an entire enterprise"
Also did users log in and log out? What is the scope of the goup? Global or Universal? What is the OS of the SQL Server, Windows 2000 or Windows 2003 or Windows 2008 ?
Regards,Yelena Varsha
August 17, 2009 at 3:52 pm
these are separate domains in separate forests is that correct?
also clarify the group scopes you have used.
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs" 😉
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply