Solved

Trust 2008/2003 Domain

Posted on 2009-04-09
8
306 Views
Last Modified: 2012-05-06
I have a 2008 domain and a sep. domain that is running 2003. the two sites are connected by a tunnel.  I want to create a 2 way trust between the domains.  Any  issues to look for?  Schema issues on the 2003?

thanks
0
Comment
Question by:jasonmichel
  • 4
  • 3
8 Comments
 
LVL 19

Expert Comment

by:jss1199
ID: 24110337
No issues encountered here and we have several 2008 <> 2003 trusts.  See the EE post below for a good walkthrough on creating the trust.

http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/Q_23805633.html
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 24110379
Do you have name resolution working between the domains?  That will be important.
You can use conditional forwarders or use secondary zones (not one way to do it), but they do need to be able to resolve.
Thanks
Mike
0
 
LVL 1

Author Comment

by:jasonmichel
ID: 24110398
yeah i was just thinking about DNS...so i can just create a conditional forwarded just for the other domain..i currently have them pointed to opendns
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 24110425
Do you have DNS running in the domains?
 
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 1

Author Comment

by:jasonmichel
ID: 24110440
yes..both sides
0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 24110511
ok then what you can do is
DomainA
Set conditional forwarding for domainb.com and point to those domain B DNS servers
and vice versa
Then you can test name resolution and an nltest
  • Nslookup targetDomainFQDN

  • nslookup
            set type=ns
             targetDomainFQDN
 
  • Nltest /dsgetdc: targetforestrootdomain.local
Any firewalls in the way?
Thanks
Mike
0
 
LVL 1

Author Comment

by:jasonmichel
ID: 24110546
well we have cisco routers on each end with an ipsec tunnel established
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 24110728
ok then hopefully no port blocks there,  these are the ports that need to talk if there was a firewall
http://support.microsoft.com/kb/179442
 
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now