can't establish trust between windows 2003 and windows 2008 domains

I am trying to migrate users from a windows 2003 domain to a brand new windows 2008 domain.  As I understand it, to get the ADMT to work I need a trust relationship between the 2 domains.  I have not been able to establish a trust relationship between the 2 domains The 2008 Domain is at 2008 functional level and the 2003 Domain is at the 2003 functional level.  I'm guessing this is where my problem resides, but before I go through the trouble of rebuilding my 2008 Domain and set it to the 2003 functional level, is there anything else I can do to either lower the level to 2003, establish a trust between the 2 domains or just get the ADMT tool to work without a trust relationship?
a245439Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JamesSenior Cloud Infrastructure EngineerCommented:
I think your best bet would be to lower functional level to 2003.
0
DavidLealCommented:
What error message appear?

I have a 2008 domain (2008 funcional level) with trust with other 2 domains one 2000 (funcional level 2000) and other 2003 (funcional level 2003)

and dont have any problem with trusts
0
a245439Author Commented:
Error message received - Cannot create a forest trust to the specified forest.  The specified forest is not at the necessary forest functional level.
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

DavidLealCommented:
the windows 2003 forest are native or mixed?
0
a245439Author Commented:
2003 forest is native.  There is only one DC in the forest.
0
a245439Author Commented:
Thanks for the link but it wasn't quite what I needed.  My situation may be a bit different.  I'm going from 2 completely different subnets through a firewall.  I was able to get this to work using the following steps.  Hopefully they will help someone else.

Make sure source domain has been configured as a ‘Conditional Forwarder’ in the DNS settings on the target domain.

1.      Open Active directory and trusts for the source domain
2.      right click source domain name choose 'properties'
3.      click trust tab
4.      Click 'New Trust' button
5.      Click 'Next'
6.      Enter Target Domain Name
7.      Choose ‘Realm Trust’
8.      Choose ‘Non Transitive Trust’
9.      Choose Two-Way direction
10.      Create a Trust password
11.      Click on Finish
12.      Logon to Target Domain
13.      Open Active Directory and Trust on target domain
14.       right click target domain name choose 'properties'
15.      click trust tab
16.      Click 'New Trust' button
17.      Enter source domain name
18.      Select ‘External Trust’
19.      Select Two Way
20.      Select This Domain Only
21.      Domain Wide Authentication
22.      Enter password created in step 10
23.      Click Next, don’t bother verifying relationship as it will tell probably tell you it failed.  Just keep clicking next until the wizard is finished.
24.      Run ADMT and verify you can migrate a user.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Glen KnightCommented:
I've requested that this question be deleted for the following reason:

This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0
a245439Author Commented:
A solution to this problem has been detailed in the responses.  It should be classified as an accepted solution.
0
a245439Author Commented:
Found the solution on my own and have listed in detail the steps I took to resolve the problem
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.