I have 3 domains.
Domain 1 is parent to Domains 2 and 3. Domains 2 and 3 are children at the same level
I have setup shortcut trusts that are two-way transitive and verified on both sides between Domain 2 and 3
I can see any and all info from Domain 1 to Domains 2 and 3.
I can force replication from Domain 1 to Domain 2 and 3.
I have DHCP, DNS, and WINS all running from Domain 1.
Since this is a test setup, everyone is on the same VLAN/Subnet. 192.168.10.x
All machines are pingable.
All machines are Windows 2003 Standard.
Here are my 3 main issues:
When I try and add a domain 3 user/group through NTFS file/folder permissions to a domain 2 file or folder, it works to add them, but they cannot log in with an Access is denied error. Both the share permissions and the NTFS permissions are correct.
When I try and add any domain 3 group or user from the AD Users and computers snap in > Users > D2Group1 (Global Group) of domain 2 it won't see domain 3's objects.
When I switch my location to domain3 it removes Users, Groups, and computers from the selection list of object types.
There has to be something stupid that I am doing or not doing. Please help.