Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Active Directory Trust permissions

Posted on 2014-03-05
7
Medium Priority
?
335 Views
Last Modified: 2014-03-26
I have created a trust between two domains and I am now trying to share security groups but can only see from each domain the OU Builtin what permissions needs to be added to the other OU's so i can see them between the domains?

Thanks
0
Comment
Question by:Dan130
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
7 Comments
 
LVL 19

Expert Comment

by:helpfinder
ID: 39906052
check this:
[link removed]

what kind of trust relationship did you do?
what is the domain functional level of each domain?
are the domains in the same forest?
0
 
LVL 1

Author Comment

by:Dan130
ID: 39906059
what kind of trust relationship did you do?
what is the domain functional level of each domain? server 2003
are the domains in the same forest?

Trust Type: forest transitive: Yes
0
 
LVL 1

Author Comment

by:Dan130
ID: 39906310
Looking at the link you sent me its telling me to use domain local groups instead which is fine going forward but what about adding users to existing AD groups that's are not domain local.
0
 
LVL 37

Accepted Solution

by:
Mahesh earned 1500 total points
ID: 39912357
In both domains under built-in container double click administrators group and add domain admins group of opposite domain there vice versa

This will enable view of entire OU structure of both domains vice versa

Also you cannot add users from one domain to global group in another domain
Global groups can contains users from its own domain only

If you wanted to add users from one domain to another, then you have two ways

Add global group in one domain to universal group in another domain
OR
add global group in one domain to domain local group in another domain

Also in another domain resource access then need to be routed through universal groups or domain local groups

Mahesh
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question