I recently attempted to get staff from a different domain (but the same Forest) to access an internal web based application and they received:
An unhandled exception was generated during the execution of the current web requrest. Information regarding the origin and location of the exception can be identified useing the exception stack trace…
After some digging into the Windows APPLICATION event log I found errors like:
EVENT ID 18456 MSSQLSERVER
Login failed for user ‘CA\JohnRihmer’. Reason: Could not find a login matching the name provided. [CLIENT: <local machine>]
The problem was simply that the Windows Security Group that SQL was using for the database in question did not include the staff from the other Windows Domain. Soooo, the fix was to simply add OTHER-DOMAIN\AUTHENTICATED USERS to the Secutity Group.