Active Directory Trust permissions

Dan130
Dan130 used Ask the Experts™
on
I have created a trust between two domains and I am now trying to share security groups but can only see from each domain the OU Builtin what permissions needs to be added to the other OU's so i can see them between the domains?

Thanks
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
helpfinderIT Consultant

Commented:
check this:
[link removed]

what kind of trust relationship did you do?
what is the domain functional level of each domain?
are the domains in the same forest?

Author

Commented:
what kind of trust relationship did you do?
what is the domain functional level of each domain? server 2003
are the domains in the same forest?

Trust Type: forest transitive: Yes

Author

Commented:
Looking at the link you sent me its telling me to use domain local groups instead which is fine going forward but what about adding users to existing AD groups that's are not domain local.
Architect
Distinguished Expert 2018
Commented:
In both domains under built-in container double click administrators group and add domain admins group of opposite domain there vice versa

This will enable view of entire OU structure of both domains vice versa

Also you cannot add users from one domain to global group in another domain
Global groups can contains users from its own domain only

If you wanted to add users from one domain to another, then you have two ways

Add global group in one domain to universal group in another domain
OR
add global group in one domain to domain local group in another domain

Also in another domain resource access then need to be routed through universal groups or domain local groups

Mahesh

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial