• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 349
  • Last Modified:

join 2 seperate Windows 2000 forests

We have two physical sites that have worked independately. we now have a hardware VPN established between the two Physical site..

I now would like to blue.local to be able to trust blue.com.
Both pysical sites use different IP subnets.  

How do i go about link the two sites in Windows 2000 server, so users can access the other sites without authenication issues ?


Many Thanks In advance for your help
0
itsol187
Asked:
itsol187
1 Solution
 
ocon827679Commented:
Why not set up a 2-way trust between the domains?  You don't want to join them in a single forest if there is a possibility that there have been schema changes in one that are different than the other.
0
 
Casca1Commented:
If the domains (and forests) are already in place, the only solution here is to follow ocon827679's suggestion and establish 2 one way trusts between the domains, unless you created one as a child domain of the other, I.E. Blue.com as the root domain in the forest, and Blue.local as the sub-domain.
0
 
JConchieCommented:
Or go to Windows 20003 where inter-forest transitive trusts are possible....and you don't have to set up individual trusts with each individual domain.
0
 
itsol187Author Commented:
thanks for your feedback

i have tried to create a explicit trust relationship, but get the following message ..


The blue.com domain cannot be contacted.If this domain is a windows domain, the trusts cannot be setup utill the domain is contacted.


I can ping the IP address of the Windows DC at blue.com.  Am i missing something here ?
0
 
ocon827679Commented:
Sounds like a name resolution problem.  These are both W2K domains right?  The easiest way to get them to see each other is to make each domains DNS a secondary of the other.  That way there will be a copy of the DNS in each domain.  Just go into the DNS manager and create a new forward lookup zone.  Select the zone to be a secondary and follow the instructions to add the other domains DNS.  Once the replication has occurred, you should be ableto set up the trust.
0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now