A. To determine a user's policy, NT 4.0 uses information in the ntconfig.pol file on the NETLOGON share of the authenticating domain controller (DC). For example, imagine that a user from domain A logs on to a machine in domain B, which trusts domain A. A domain A DC validates the logon, so NT loads the ntconfig.pol file from the domain A DC NETLOGON share.
To apply the workstation domain's policy to the user, you need to force the workstation to load the policy from the correct location. You can accomplish this by using the NetworkPath registry value, as I explain in this FAQ. Be aware that you should use a Universal Naming Convention (UNC) path in the NetworkPath registry value rather than mapped path letters because mapped paths probably won't exist when the profile is loaded.