Security on Trust Between two domains

Currently i have my corporate Domain A and I have just created a test Domain B for our development/QA group for their testing.  I have setup everything except for a trust relationship between Domain A and Domain B.  DNS is working nicely with the conditional forwarding between the two domains.  I know i can set a 1 way trust so my corporate Domain A can be authenticated in Domain B and the Dev team can use the corporate accounts in their test environment.  They have also installed SCVMM 2008 R2 in their test environment domain B.  The problem is they have installed SCVMM 2008 R2 console on their corporate desktops Domain A and it will not authenticate and can't login into their scvmm test server.  I know a 2-way trust will work accrding to microsoft for scvmm, but i am worried as to if there is any vulnerabilities or security issues that i need to be concerned about if i was to make a two-way trust.

If i was to make a 2-way trust, is my Domain A proned to attacks or updates/Deletes, etc....?

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Darius GhassemCommented:
Think about it this way. You must grant permissions for Domain B to access files and folders on Domain A so just don't give permissions.
Two trust will not make the domains into one domain they will still be managed seperately.

I would have consider settings RDP to Domain B instead of direct access over trust if you want to keep things secure if you do it this way then the QA group could have their own desktops for Domain B without affecting anything on Domain A.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
josogAuthor Commented:
Using RDP was the original plan of mine, but they have applications their developing on their desktop uses their corporate accounts which also needs to be in their testing domain environment.  

I do notice when creating the 2 way trust, that from domain B, they can see all my accounts in DOmain A (like searching, viewing properties, etc...) but yet they can't edit anything.

as long as each domain is managed seperatly and the admin in domain B can't change anything in Domain A, i am happy.
Darius GhassemCommented:
That is the way it will work you must give permission to allow for editing.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server OS

From novice to tech pro — start learning today.