In a one-way AD trust the trusting domain needs to query the trusted domain's DC in order to add a security group to a folder's NTFS permissions. When challenged for Network Credentials an RSA passcode is required but the trusted (queried) domain doesn't use RSA.
Hi Jeff,
I have moved this thread to the RSA SecurID Access page so that you can get an answer to your question.
Thanks,
Jeff