Accessing resources across Windows Server 2003 domains

Hi all,
I've got a client with 2 Windows Server 2003 R2 domains in one physical location. These 2 domains are totally separate, and the only thing they share presently is an internet connection and an ethernet switch. My clients want users in domain A to be able to access resources on servers and workstations in domain B. The main imperative is that users in domain B should not have any access to servers or workstations in domain A. The things I guess I need:

I'm guessing that I need a one-way trust but my experience is very single-domain so I'm looking for a quick walk-through here!

Is a one-way trust truly one-way, is there NO way for domain B users to access domain A?

How do I configure permissions etc on resources in domain B so that domain A users can access the requisite resources?

Can users from domain A be given permission to log onto computers belonging to domain B?

Thanks.
LVL 10
budchawlaAsked:
Who is Participating?
 
aissimConnect With a Mentor Commented:
* Yes, a one-way trust is what you need. You'll want domain B to trust domain A.
* One-way is truly one way. Domain B will not be able to access domain A in any way.
* Once the trust is in place, you'll be able to configure permissions in domain B the same as always - you'll just have access to resources/accounts in domain A as well...nothing tricky. For example, if you want to modify a folder's permissions - you can select users from either domain to allow access. They're all at your fingertips.
* Yes, users from domain A will be able to log onto computers in domain B as soon as the trust is in place. On the logon screen, the 'domain' drop down field, will allow you to choose either domain
0
 
budchawlaAuthor Commented:
I love a well structured response... thanks aissim. I'm sure everything will work as you say, but I'll leave this open till I can test it so I can come back with any queries :-)
Thanks again..
0
 
aissimCommented:
Sounds good - post back if you have any questions along the way.
0
 
budchawlaAuthor Commented:
Sorry for the delay & thanks!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.