Solved

Creating a forest trust

Posted on 2011-09-27
9
1,041 Views
Last Modified: 2012-05-12
Hi Experts

I have three domain controllers; two 2008 DCs, and one 2003 DC (FSMO role holder).

I need to create a forest trust, and when I go to AD Domains and Trusts -> Domain properties, the 'New Trust' button is greyed out on the two 2008 DCs but is available on the 2003 DC.

Why is this?

Thanks
0
Comment
Question by:failed
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 4

Expert Comment

by:mustang83
ID: 36709584
What are the domain functional levels on both forests?
0
 

Author Comment

by:failed
ID: 36709603
2003
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 36709631
That's because of Windows Server 2008 Firewall :)
Disable all 3 profiles and check again :]

Regards,
Krzysztof
0
Comparison of Amazon Drive, Google Drive, OneDrive

What is Best for Backup: Amazon Drive, Google Drive or MS OneDrive? In this free whitepaper we look at their performance, pricing, and platform availability to help you decide which cloud drive is right for your situation. Download and read the results of our testing for free!

 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 36709634
Of course, 3 firewall profiles :) (public, private and domain)

Krzysztof
0
 

Author Comment

by:failed
ID: 36709653
Yes I can see the button is available now after disabling the firewall, thanks.

Which ports do I need to open, as I'd rather not leave the firewall off in the long-run!
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36709668
Grayed out New Trusts usually means you don't have specific rights to create trusts
0
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 500 total points
ID: 36709693
Please check this MS article for whole necessary ports to be opened on firewall
http://technet.microsoft.com/en-us/library/cc756944%28WS.10%29.aspx#w2k3tr_trust_tools_knfk

Krzysztof
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 36709700
Make exceptions in Domain firewall's profile :)

Krzysztof
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 36710113
Do you need any other help on that?

Krzysztof
0

Featured Post

Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question