troubleshooting Question

One way trust between Windows 2008 R2 and SBS 2011

Avatar of Bozen999
Bozen999 asked on
SBSActive DirectoryWindows Server 2008
3 Comments2 Solutions3194 ViewsLast Modified:
Hi Everyone,
I have the following problem, for a customer I am currently assisting:
- the Company has three branches in foreign countries (others will be installed in the future), each using an SBS 2011 Standard installation, using the following services: Active Directory, Exchange Server, Sharepoint Fundamentals, Shared Folders
- the Main Company needs to make available to the foreign branches a set of Shared Folders, available to all, to use as a file repository (read/write) for marketing and sales files

I would like to install at the main offices a Windows 2008 R2 Server, to provide Distributed File System for the branches.
I am aware of the fact that Small Business Server 2011 CANNOT trust other Server domains and must take on all the roles, so I cannot establish a two-way trust between the SBS installations and the Win2008R2 Server at the main office.

Question: would it be possible to set up a ONE-WAY trust (provided I understand correctly its use...), so the users at the branches authenticate with their own accounts (SBS) to this main server (2008R2) and access/modify the shared files?
I'd need the Distributed File System service, present on both Win2008Server and SBS2011, to have synchronized copies of those folders on-site, for speed purposes; so would DFS work in such an environment?

I understand the limitations of SBS, but the branch offices, which are actually legally and fiscally independent companies, are happily working and managing their SBS2011 installations on their own, and only a couple of them would eventually need, in the future, to upgrade to a full size multi-server 2008R2 environment with Exchange, SQL and the rest...

I am new to multi server installations, especially across WAN, and budget + ease of use + installation uniformity and branch company independence are really and issue here.

With the organization growing, would it be possible, eventually, to extend this kind of one-way trust authentication to SQL2008 and Sharepoint services?

Thanks for any help provided.
Systems Infrastructure Engineer

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 2 Answers and 3 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 3 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros