<div>
Maybe obvious, but you did not mention DNS settings - name resolution and routing are also important in establishing trusts
</div>


<div>
As long as you have the proper ports open between the domains, you should be fine. The note on DNS is &nbsp;crucial. Make sure you have a conditional forwarder set in each domains DNS server pointing to the other domains DNS server(s). The forest and domain funtional levels are fine.
</div>


<div>
<div class="content wysiwyg-content">
Hello experts, <br />
<br />
We need to setup a one-way trust for our company users (domain A) to access AD resources in another company (domain B). <br />
<br />
I have put together what I think makes sense in the attached. <br />
<br />
Please advise if there is something that I have missed. <br />
<br />
Also, our domain controller servers are on WIN2K8 but both the forest and domain functional levels are on WIN2K3. <br />
<br />
Thanks.<br />
<a href="https://filedb.experts-exchange.com/incoming/2016/01_w04/1074465/trust-test.png" target="_blank" class="file-inline" title="trust test (9 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>trust-test.png</a>
</div>
</div>


trust-test.png

Hello experts, 

We need to setup a one-way trust for our company users (domain A) to access AD resources in another company (domain B). 

I have put together what I think makes sense in the attached. 

Please advise if there is something that I have missed. 

Also, our domain controller servers are on WIN2K8 but both the forest and domain functional levels are on WIN2K3. 

Thanks.

Create a one-way trust

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

Active Directory

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.

Windows Server 2008

Windows Server 2012 is the server version of Windows 8 and the successor to Windows Server 2008 R2. Windows Server 2012 is the first version of Windows Server to have no support for Itanium-based computers since Windows NT 4.0. Windows Server 2012, now in its second release (Windows Server 2012 Release 2) includes Foundation, Essentials, Standard and Datacenter, and does not support IA-32 or IA-64 processors.