I have two separate networks, different locations, connected with a VPN connection.
I need to be able to map drives on workstations and servers in the "other" domain. Here is what I've done so far.
One domain is named ABC.com. The other is DEF.local.com. The AD controller in each Domain has the other domain set up as a secondary zone. Both are at the highest AD Level - Windows Server 2003.
When I go through the Add Trust Wizard for ABC.com, I entered DEF.local.com as the name of the "domain, forest or realm" for the Trust.
I choose Realm Trust on the next screen because if I select "Trust With a Windows Domain" the WIzard says it cannot complete as the other domain cannot be contacted.
I choose Transitive Trust and Two-Way on the next two screens.
I enter a Trust Password.
I did the same on the AD controller in the DEF.local.com domain, reversing everything except the Trust Password which is exactly the same.
A set of folders on a server in the DEF.local.com network are Shared out to Everyone and to Authenticated users.
From a workstation in the ABC.com domain, when I try to map a drive on that server, I can see the servers and workstations on DEF.local.com network. When I attempt to Open or Explore the Server, I get the message that "\\Server is not accessible. You might not have permission to use this network resource. Contact the adminstrator......".
In addtion to sharing specific folders, is the another step required to allow users authenticated to the "other" domain to access those resources?