In Microsoft Windows NT–based networks, a method of performing authentication to a domain controller that resides in a trusted domain. Pass-through authentication enables users to log on to computers in domains in which they do not have a valid user account.
Users in a multidomain Windows NT–based network can thus access resources anywhere in the enterprise for which they have suitable permissions.
Consider the example of an enterprise consisting of three domains - two resource domains (the trusting domains) in which network resources such as shared folders or printers reside, and a master domain (the trusted domain) in which all user accounts are defined. The resource domains trust the master domain using Windows NT one-way nontransitive trusts. When a user attempts to log on to a computer in a resource domain, pass-through authentication takes place in one of two ways: