LDAPMembershipProvider and multiple AD forests
Just researching some possible solutions for some upcoming domain changes. Currently we have domain SmallDomain which currently hosts our SP Farm (and all the WFEs) in a W2K3 Active Directory environment. The farm currently has a web application for internal use using integrated credentials. This web app has also been extended for FBA authentication using the LDAPMembershipProvider for external use. All identities are stored in Active Directory.
Now along comes another domain BigDomain. SmallDomain will be configured with a one-way trust against BigDomain (that is, SmallDomain trusts BigDomain, but not vice-versa).
My question is, will the LDAPMembershipProvider (or the ActiveDirectoryMembershipProvider for that matter) find users in BigDomain once the trust has been established? Or do I have to create another extended web application with a provider that points to BigDomain?
November 18th, 2010 7:55pm
Hi Goldmember2,
If you use the LDAP provider with Active Directory, there are scenarios (such as in an extranet) in which trusted forests might be in use. When a site is configured to use Windows authentication, users from either forest can authenticate and use SharePoint resources. The LDAP provider, however, tries to authenticate against only the forest that the membership provider is configured to check. It does not authenticate against a trusted forest and it does not follow LDAP referrals.
If you need to authenticate against multiple forests, you should extend SharePoint Products and Technologies into an additional zone for each forest that is used for authentication. Then configure each zone to use a different forest in the membership and role settings of the zone's web.config file.
For your situation, you have to create another extended web application with a provider that points to BigDomain.
For more information about LDAP Membership and Role Provider Usage Constraints, please refer to the following article:
http://msdn.microsoft.com/en-us/library/bb975136.aspx
Hope this is helpful.
Rock Wang
TechNet Subscriber Support in forum
If you have any feedback on our support, please contact tngfb@microsoft.com
Regards, Rock Wang Microsoft Online Community Support
November 21st, 2010 8:55pm
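A sketch of the membership and role sections in the web.config of the zone extended for BigDomain, as described in the answer above. This is an added example, not configuration from the thread or from the linked article; the provider names, host name, container DNs and the assembly version (12.0.0.0, Office SharePoint Server 2007) are assumptions to replace with your own values.

```xml
<!-- Goes inside <system.web> of the web.config for the zone extended for BigDomain. -->
<!-- All names, hosts and DNs below are constructed placeholders. -->

<!-- This provider only searches the directory named in "server"; it does not -->
<!-- follow the SmallDomain/BigDomain trust or LDAP referrals. -->
<!-- useSSL="true" with port 636 (LDAPS) keeps credentials submitted through the -->
<!-- FBA form from reaching the domain controller over an unencrypted connection. -->
<membership defaultProvider="BigDomainLdapMembership">
  <providers>
    <add name="BigDomainLdapMembership"
         type="Microsoft.Office.Server.Security.LDAPMembershipProvider, Microsoft.Office.Server, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
         server="bigdc01.bigdomain.example"
         port="636"
         useSSL="true"
         userDNAttribute="distinguishedName"
         userNameAttribute="sAMAccountName"
         userContainer="OU=Extranet Users,DC=bigdomain,DC=example"
         userObjectClass="person"
         userFilter="(ObjectClass=person)"
         scope="Subtree"
         otherRequiredUserAttributes="sn,givenname,cn" />
  </providers>
</membership>

<!-- Role provider for the same forest, so group membership is resolved in BigDomain. -->
<roleManager enabled="true" defaultProvider="BigDomainLdapRole">
  <providers>
    <add name="BigDomainLdapRole"
         type="Microsoft.Office.Server.Security.LDAPRoleProvider, Microsoft.Office.Server, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
         server="bigdc01.bigdomain.example"
         port="636"
         useSSL="true"
         groupContainer="OU=Extranet Groups,DC=bigdomain,DC=example"
         groupNameAttribute="cn"
         groupMemberAttribute="member"
         userNameAttribute="sAMAccountName"
         dnAttribute="distinguishedName"
         groupFilter="(ObjectClass=group)"
         scope="Subtree" />
  </providers>
</roleManager>
```

The existing FBA zone keeps its own provider entries pointing at SmallDomain, so each zone authenticates against exactly one forest. Scoping `userContainer` and `groupContainer` to a dedicated OU rather than the domain root limits which BigDomain accounts can sign in through this zone.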
Hi Goldmember2,
Do you have any questions? If anything is unclear, please feel free to let me know.
I am looking forward to hearing from you.
Rock Wang
November 24th, 2010 1:13am