I have two Active Directory domains named ONE and TWO in separate external forests that have a two-way trust relationship between them. How can I grant users in TWO access to resources in ONE? For example, how can I enable users in TWO to logon to workstations in ONE? Also, how can I grant users in TWO access to files in a shared folder on a server in ONE?
In case it makes a difference, the domain controllers in ONE are all Windows 2003 R2 and the forest is at functional level Windows Server 2003, while TWO's domain controllers are Windows 2008 R2 and the forest is at functional level Windows Server 2008 R2.
I have tried a lot of different things but nothing seems to work. I have made this sort of thing work before in domains in the same forest, but this is my first experience with external forests. Any help would be greatly appreciated!