• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 211
  • Last Modified:

How do I create a trust between 2 Domains on different subnets?

I want to create a trust between 2 Domains so I can migrate over, Settings,etc, servers from Domain B to Domain A

Domain A is on the local network
Domain B is on the DMZ, but I can access the DMZ through the DNS/DC and all the servers are pingable.

How can I create a trust between both domains so I can do what I need to do?

1 Solution
This should help you get started..
In your scenario:
DOMAINB trusts DomainA
Run Active Directory Domains and Trusts->Right Click on the Domain  and select Properties Then click the "Trusts" tab. Then click on New Trust. Provide DNS or NetBIOS name of other domain(DomainB). Here you need an "incoming trusts". If no other specific restriction, do forest trust. When done, you should have DomainB listed on the bottom box of the "Domains that trust this domain(incoming trusts)"

Do the same but the opposite of the above.

If you run into any problem or better yet, confirm if your firewall ports are opened since DomainB is in the DMZ:
These are the ports and protocol require to open on both side of the firewall if trust is to be established between two domains:

UDP      135, 389, 53, 88, 445, (for NetBIOS: 137, 138)
TCP       135, 389, 636, 53, 88, 445, 1024-65535, (for NetBIOS: 139, 42)
ICMP      Dependency of port 139, also used by Windows Redirectors, Group Policy, MTU etc

Service Name             UDP       TCP
LDAP                   389       389
LDAP SSL             N/A       636
RPC Endpoint Mapper       135       135
Global Catalog LDAP       N/A       3268
Global Catalog LDAP SSL N/A       3269
Kerberos             88       88
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now