liminal
asked on
Creating a trust between two dif fores
Hi all, I’m trying to create a one way forest trust between two forests on dif subnets. But they can’t seem to find one another (when trying to add though Active Directory Domains and Trusts). What would I be missing?
Set up is; they each have an interface on a firebox firewall. I have the connections set up as, Any Trusted to that other interface name (basically production network to a SharePoint test network)
Also production is a 2003 domain level and test is set as 2008 R2 level… is that ok for them to least see each other?
Thanks
Set up is; they each have an interface on a firebox firewall. I have the connections set up as, Any Trusted to that other interface name (basically production network to a SharePoint test network)
Also production is a 2003 domain level and test is set as 2008 R2 level… is that ok for them to least see each other?
Thanks
ASKER
Thanks for that.
No they cant see each other from within Active Directory Domains and Trusts. The two DCs can ping each other... but trying to add a new trust... finds nothing.
No they cant see each other from within Active Directory Domains and Trusts. The two DCs can ping each other... but trying to add a new trust... finds nothing.
Configure forwarding on each DNS server to point the other domain. You need to resolve server names for the other domain to create a trust relationship
ASKER
Resolve the server or the domain... ie server.domain.com or domain.com
DNS needs to be able to resolve the names of the other domain.
Setup forwarders as suggested below:
http://www.techrepublic.com/blog/window-on-windows/configuring-dns-forwarders-to-support-windows-server-2003-forest-trusts/501
Once this is done, follow the document mentioned in the earlier post.
If it still fails then check your firewall configuration:
http://support.microsoft.com/kb/179442
Your DC's need to be able to locate the server holding the PDC Emulator Role in order to get the trust setup.
Setup forwarders as suggested below:
http://www.techrepublic.com/blog/window-on-windows/configuring-dns-forwarders-to-support-windows-server-2003-forest-trusts/501
Once this is done, follow the document mentioned in the earlier post.
If it still fails then check your firewall configuration:
http://support.microsoft.com/kb/179442
Your DC's need to be able to locate the server holding the PDC Emulator Role in order to get the trust setup.
ASKER
Yeah ive done all that and nothing. does the function level have anything to do with it?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for your help there... I was not doing the DNS setup correctly and when i did, it basically told me the that functional would not allow it to work. One forest is 2008 R2 and one is 2003
All good not that important just would have made our lives easy if we could have set this up
All good not that important just would have made our lives easy if we could have set this up
http://technet.microsoft.com/en-us/library/cc754626.aspx