You can use the vdmadmin command with the -F option to update the foreign security principals (FSPs) of Windows users in Active Directory who are authorized to use a desktop.


vdmadmin -F [-b authentication_arguments] [-u domain\user]

Usage Notes

If you trust domains outside of your local domains, you allow access by security principals in the external domains to the local domains' resources. Active Directory uses FSPs to represent security principals in trusted external domains. You might want to update the FSPs of users if you modify the list of trusted external domains.


The -u option specifies the name and domain of the user whose FSP you want to update. If you do not specify this option, the command updates the FSPs of all users in Active Directory.


Update the FSP of the user Jim in the EXTERNAL domain.

vdmadmin -F -u EXTERNAL\Jim

Update the FSPs of all users in Active Directory.

vdmadmin -F