Solved

Joining two domains.

Posted on 2006-06-30
7
2,701 Views
Last Modified: 2012-08-13
Is it possible in Windows 2003 SBS to join two domains together?  For example,  I have domain A (domainA.com) and domain B (domainB.local).  Can inter-connect the two so that I don't have to authenticate when crossing domains to access resources?  What about DNS?  Do I need to do anything there to join the two?  Active Directory?  Etc....

Thanks!
0
Comment
Question by:Quetysis
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 4

Expert Comment

by:dalsym
ID: 17021810
Active Directory Domains and Trusts

Do you traffic to be allowed both ways between the two domains or just one direction?

Off the top of my head, I think you are looking for a two-way transitive trust. I'm sure someone will come along with more detail if needed.
0
 

Author Comment

by:Quetysis
ID: 17021846
I am looking to allow traffic both ways.  I'll look at the AD domains and trusts.  Thanks
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 17022064
Yes, you want two-way transitive trust.

If you are creating a new doman, you can join it to an existing forest when you rin DCPROM, this will create the trusts you need.

eb
0
Save the day with this special offer from ATEN!

Save 30% on the CV211 using promo code EXPERTS30 now through April 30th. The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

 
LVL 44

Expert Comment

by:scrathcyboy
ID: 17022138
You can do this from the LOCAL network, since they are just shared directories, but for people external to the local network accessing these websites, there is no cross-certificate association that is normal for the website setup.  So is this just for local access, or for the public from outside, on the web??
0
 
LVL 15

Assisted Solution

by:nprignano
nprignano earned 200 total points
ID: 17022439
UNFORTUNATELY, since you are using SBS, you cannot create trusts.  SBS is designed for small business, and therefore is limited with its functionality for enterprise class solutions (such as creating multi-domain networks).  If you want to do this, you will need to upgrade at least one of the servers to Win2003 Standard.

http://www.experts-exchange.com/Operating_Systems/Windows_Server_2003/Q_21505548.html


nprignano
0
 
LVL 96

Accepted Solution

by:
Lee W, MVP earned 300 total points
ID: 17022600
nprignano is close, but not quite correct.  As he states, SBS domains CANNOT be joined together - you cannot create trusts between them.  Simply adding one regular server will not allow you to create a trust - this restriction is DOMAIN level, not server level.  If you wanted to create a trust between the two domains you would have to upgrade BOTH domains to standard versions of Windows Server using the Transition Pack for SBS 2003.  This is not a cheap thing to as the transition pack essentially costs the savings you had by buying SBS instead of the regular products.  For example, if SBS cost you $3000 for licensing, and Exchange, Windows, and CALs WOULD have cost you $6000 for the full products, then the transition pack will cost you $3000 (Transition Pack $3000 + SBS licensing $3000 = 6000 = what you would have spent on the full products).
0
 
LVL 15

Expert Comment

by:nprignano
ID: 17022646
thank you, leew, for setting the record straight :)

nprignano
0

Featured Post

Turn Insights into Action

Communication across every corner of your business is essential to increase the velocity of your application delivery and support pipeline. Automate, standardize, and contextualize your communication processes with xMatters.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question