what is the best way to implement a new domain for joint project involving 3 seperate companies

Posted on 2012-09-02
Last Modified: 2012-09-03
we have a new job coming up the will require an IT setup
it will be 3 offices that need to be connected to each other with a total of around 120 users
i was going to install one server and have all users connected to it
around 40% of these users are people who are only going to help out for around 1 year and they have their own laptops currently connected to another office domain.
what is the best way to setup the IT infrastructure to include these users
should i use child doamins or domain trusts etc
Question by:dougdog
    LVL 22

    Expert Comment

    I would use trusts for the domain that will be gone in a year and a child domain for the other users.

    Author Comment

    i need to setup a new domain called domain c
    domain c will consist of 100 users
    but i have some users who belong to domain A who will need to access domain c for file server data etc and some users from domain  B who will need to access domain c
    only some users from domain A & B may access domain c and the main users who are only on domain C may not access anything from Domain A or B
    How can i achieve this?
    LVL 18

    Assisted Solution

    by:Sushil Sonawane
    Create the external trust with domain C and make direction one-way (A domain user can able to access domin C and same B domain also)


    A === C (External Trust Nontransitive One-way)
    B === C (External Trust Nontransitive One-way)
    A====B (External Trust Transitive Two-way) OR (Forest trust Transitive Two-way)

    Please refer below article:

    1) Trust types


    2) Trust transitivity

    3 ) Creating External Trusts

    4) Creating Forest Trusts

    Author Comment

    if i create the trust level will this not mean all users in domain a can access c
    can i limit a trust to group of users
    LVL 18

    Expert Comment

    by:Sushil Sonawane
    Yes you can assign the group permission to user so that you can limit a trust to group of users.




    Assign domain A and B domain user group permission Universal group or Global group who wan to access domain C and remain user assign permission domain local .  You are going create External Trust Nontransitive One-way so that C user can't access A and B resource.
    LVL 39

    Accepted Solution

    The answer is your previous post :) and yes, you can achieve that to selected users group. But as I wrote in that post, you should not use external trust for that.

    Using standard trust, you would be able to define if you want to allow all users from another domain access resources or just only part of them. To allow part of them, you need to use "Selective Authentication" during forest trust set up


    Featured Post

    PRTG Network Monitor: Intuitive Network Monitoring

    Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

    Join & Write a Comment

    Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
    Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    754 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now