trilogynet
asked on
2 Locations, 2 2003 DC's w/ Seperate Domain Names, Trusted 2-way. User Rights Question
I have 2 domain controllers at 2 locations
Location 1:
domain1.local
Location 2:
domain2.local
Connected to each other via routing and remote access as a demand dial interface via Business DSL.
Both domains are set to trust each other. I can access files from both domains and logon to desktops at each location with a single user account. The problem I'm having is for my administrators. When admin1.domain1.local logs onto domain2.local they act as if they are just a domain user. They have no administrative privileges. From what I have read and understand the domains just have to trust each other and any user will inherit their normal user account settings. Well both domains are trusting of each other and we can definitely see resources on both domains. What am I missing?
Location 1:
domain1.local
Location 2:
domain2.local
Connected to each other via routing and remote access as a demand dial interface via Business DSL.
Both domains are set to trust each other. I can access files from both domains and logon to desktops at each location with a single user account. The problem I'm having is for my administrators. When admin1.domain1.local logs onto domain2.local they act as if they are just a domain user. They have no administrative privileges. From what I have read and understand the domains just have to trust each other and any user will inherit their normal user account settings. Well both domains are trusting of each other and we can definitely see resources on both domains. What am I missing?
Mazaraat
Are the admins from domain1 members of the domain admins, administrators,etc... groups on domain2? (verify)
ASKER
I added each user to the administrators group, but when I go to add admin1.domain1.local to the domain admins on domain2.local I am unable to select the domain1.local to pick users from.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
What kind of trust was created? You may not have gave permissions for admin level.
Here is an excellent walk through with plenty of explanations along the way, go over it and verify.
http://thelazyadmin.com/index.php?/archives/244-Creating-an-Active-Directory-Trust.html
Here is an excellent walk through with plenty of explanations along the way, go over it and verify.
http://thelazyadmin.com/index.php?/archives/244-Creating-an-Active-Directory-Trust.html
ASKER
Well I tried to play around with that idea KPRAD but was unable to get it to work. I was able to create groups on both ends and then add users to the groups but when I tried to add those groups to the domain admins group I couldn’t.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.