Unable to View or Add Trusted Domain Security Principals from "Members of" Properties Tab

ID: Q237905

The information in this article applies to:
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Datacenter Server
  • Microsoft Windows 2000 Server

SUMMARY

When you administer a domain, security principals from the parent domain or other trusted domains are not visible in the "Member Of" Properties tab of a domain user. The only domain accounts that are allowed to be added or visible are the present domain groups. Only domain groups from the present domain are shown, despite the fact the member is a member of other trusted domain groups.


MORE INFORMATION

This behavior is by design because users should be not added to groups of other domains directly, but rather they should be added to Global groups and the Global groups added to other trusted domain groups. This behavior was implemented for performance reasons to alleviate the task of enumerating all groups from other domains.

To view a user's group membership for a domain(s), use the resource kit utility Showgrps.exe..

Additional query words:

Keywords :
Version : WINDOWS:2000
Platform : WINDOWS
Issue type : kbinfo


Last Reviewed: December 29, 1999
© 2000 Microsoft Corporation. All rights reserved. Terms of Use.