BiosIT-STJ
asked on
login/sign-in to domain on another forest
Hello,
I have a question on login/sign-in to a domain in another forest.
In our current structure we have a root forest, Forest 1, and 2 domains under it, Domain 1 and Domain 2. Domain 2 is a resource domain so we login to Domain 1 to access email on the exchange server and share resources across the domain.
We have setup another forest, Forest 2 and established trust relationship with Forest 1. We will eventually move Domain 2 and all the objects under Forest 2. Since Forest 2 will be a resource forest only, all our users from Domain 2 will have to login/sign-in to Domain1 so we can access the exchange server and continue sharing resources.
My question is that I am not able to see Domain 1 in drop down menu on Windows XP nor can I sign-on using Domain1\joe option. If we have a bi-directional trust established between forests, I should be able to see Domain 1 in Forest 1 from Domain 2 under Forest 2 to login/sign-in but I can't. I checked the DNS configuration and the forward lookup zones for the DNS is loading all the information across the forest but the reverse lookup zones cannot load all the information. Is that the reason I'm not able to see domain1 or is there something I'm missing that I need to look into so I can see Domain 1 as an option to logon/sign-on? What steps do I have to take so I am able to login/sign-in to Domain 1?
I have a question on login/sign-in to a domain in another forest.
In our current structure we have a root forest, Forest 1, and 2 domains under it, Domain 1 and Domain 2. Domain 2 is a resource domain so we login to Domain 1 to access email on the exchange server and share resources across the domain.
We have setup another forest, Forest 2 and established trust relationship with Forest 1. We will eventually move Domain 2 and all the objects under Forest 2. Since Forest 2 will be a resource forest only, all our users from Domain 2 will have to login/sign-in to Domain1 so we can access the exchange server and continue sharing resources.
My question is that I am not able to see Domain 1 in drop down menu on Windows XP nor can I sign-on using Domain1\joe option. If we have a bi-directional trust established between forests, I should be able to see Domain 1 in Forest 1 from Domain 2 under Forest 2 to login/sign-in but I can't. I checked the DNS configuration and the forward lookup zones for the DNS is loading all the information across the forest but the reverse lookup zones cannot load all the information. Is that the reason I'm not able to see domain1 or is there something I'm missing that I need to look into so I can see Domain 1 as an option to logon/sign-on? What steps do I have to take so I am able to login/sign-in to Domain 1?
Adrian Cantrill
did you try the UPN method ? i.e user@otherdomain.fulldnsna
its been my experience that forest trusts dont populate the traditional dropdown domain selector and the above UPN method is needed.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
any luck with this one ?
ASKER
Yes, actually once we added the reverse lookup zone we were able to login using domain\username. The UPN method didn't work but all your suggestions did guide us toward getting our problem resolved.
Thanks for taking time to address our question.
Thanks for taking time to address our question.