Solved

Trust one-way issue

Posted on 2016-08-16
2
63 Views
Last Modified: 2016-08-17
hi experts

hope someone can shed some light on this issue. In our environment we have Windows Server 2003 DC on domain (A). and DC 2012 R2 Domain (B). these two are not same forest root.

we setup one-way Trust (Type) Forest trust transitive= Domain B (2012 R2 DC) trusted Domain A (2003 DC)=
-Direction of trust- Outgoing
-Transitivity of trust- forest transitive

-validated = passed (no problem here)
-Name suffix Routing setup for Domain.local B forest.
-authentication Forest wide - forest wide authentication

adding users domain A to domain B group "domain security group"= failed error stated (some of the object names cannot be shown in their user-friendly name form , this can happen if the object is from an external  domain and that domain is not available to translate the object name)

this happened after selected some users from domain A, which mean I did able browsing on domain-A of AD.

If we tried two way trust then everything seemed OK, we were able successfully added some users. so no issue on two-way trust.

if two way-trust is fine, that's rule out DNS, right?

thank you every much in advance.
0
Comment
Question by:VN-PC view
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 12

Accepted Solution

by:
Sandeep earned 500 total points
ID: 41759214
Just try to have a look at below link which is from Technet MS Site.

You need to add users through Universal Groups as advised.

https://social.technet.microsoft.com/Forums/windowsserver/en-US/3a6867fa-ec70-436f-942c-d5b1fb652599/oneway-trust-question?forum=winserverDS
0
 

Author Closing Comment

by:VN-PC view
ID: 41759414
Thank you and will try that out
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains the steps required to use the default Photos screensaver to display branding/corporate images
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
In this Micro Tutorial viewers will learn how to restore their server from Bare Metal Backup image created with Windows Server Backup feature. As an example Windows 2012R2 is used.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question