Can't find the information you are looking for here? Then leave a message over on our WinBatch Tech Support Forum.
AddExtender("wwwnt34i.dll") x=wntUserList( "\\SERVER", 8 ,0 ) z=AskItemList("Trusts",x,@TAB,@SORTED,@SINGLE) exit
...does generate a list of domains which trust my domain (trusting domains); nothing for TRUSTED domains. Also noticed that the "\\SERVER" argument must be domain controller - returns nothing if I leave it blank (current system). I have about 8 of each (trusted/trusting), some 1-way; others 2-way.
It's better than trying to snapshot the scroll-dialog in usrmgr. I may be able to use an account in our rmtadm domain, which has trusts with every domain to enumerate trusts from the opposite perspective (from those TRUSTED domains looking back at mine and any others they are trusted by). Thanks again!
Trusted domain accounts will be located on the DCs in the domains that are trusted, so you won't see that information from within the trusting domain.
Here's how domain trusts work....
If Domain A trusts Domain B, then Domain B will contain domain trust accounts which the DCs in Domain A can use to logon to Domain B to perform trusted authentication tasks. I know it sounds ass-backwards, but that's how it works. Domain A is incapable of independently authenticating the credentials of users in Domain B, so in order for Domain A to trust Domain B, Domain A's DCs must be able to authenticate the credentials of users in Domain B. This is achieved by having the netlogon service for domain controllers in Domain A use the domain trust accounts for purposes of performing delegated authenticated of Domain B user credentials.
Article ID: W17058
File Created: 2007:07:03:14:28:02
Last Updated: 2007:07:03:14:28:02