Solved

Trust one-way issue

Posted on 2016-08-16
2
61 Views
Last Modified: 2016-08-17
hi experts

hope someone can shed some light on this issue. In our environment we have Windows Server 2003 DC on domain (A). and DC 2012 R2 Domain (B). these two are not same forest root.

we setup one-way Trust (Type) Forest trust transitive= Domain B (2012 R2 DC) trusted Domain A (2003 DC)=
-Direction of trust- Outgoing
-Transitivity of trust- forest transitive

-validated = passed (no problem here)
-Name suffix Routing setup for Domain.local B forest.
-authentication Forest wide - forest wide authentication

adding users domain A to domain B group "domain security group"= failed error stated (some of the object names cannot be shown in their user-friendly name form , this can happen if the object is from an external  domain and that domain is not available to translate the object name)

this happened after selected some users from domain A, which mean I did able browsing on domain-A of AD.

If we tried two way trust then everything seemed OK, we were able successfully added some users. so no issue on two-way trust.

if two way-trust is fine, that's rule out DNS, right?

thank you every much in advance.
0
Comment
Question by:VN-PC view
2 Comments
 
LVL 12

Accepted Solution

by:
Sandeep earned 500 total points
ID: 41759214
Just try to have a look at below link which is from Technet MS Site.

You need to add users through Universal Groups as advised.

https://social.technet.microsoft.com/Forums/windowsserver/en-US/3a6867fa-ec70-436f-942c-d5b1fb652599/oneway-trust-question?forum=winserverDS
0
 

Author Closing Comment

by:VN-PC view
ID: 41759414
Thank you and will try that out
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question