I'm running the app pool under a domain account.
We are connecting to a domain controller that has no trust relationship with the domain running the provider. This resource domain simply hosts user accounts that have access to the web site.