how does work the authentication in a Forest Trust ?
Posted on 2012-03-23
here is my pb :
I've got a Forest A (with only 1 domain, 2003 native mode), i've got another Forest B (with 1 root domain, and 20 child domains, 2003 native mode).
I opened network flow through Firewall to let communicate DCs from domain A and DCs from the root domain B .
So i was able to make a forest trust without problem.
I can add user from the root B to groups of the domain A.
But now, if I want to add users from childs domains of the forest B to groups of domain A, i've got an error like " unable to communicate to the domain controller".
My question is : Should I open network flow between Forest 1 DCs and all DCs of the Forest B ? (included all childs domains DCs)
If yes, I can't understand where is the benefit to make a trust forest instead of multiple domains trusts.
Or maybe in my configuration i've to work with command line to manage AD ?