Domain Trust

Oneil Morgan
Oneil Morgan used Ask the Experts™

I have two different domains on the same LAN. Both are on Windows 2008 Server R2. I am not able to setup trust between the two. See error attached

Trust Wizard Error
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Shaun VermaakTechnical Specialist
Awarded 2017
Distinguished Expert 2018

Did you add conditional forwarders?
Co-Founder and Chief Architect
Top Expert 2016
Yes, you need to have the following for a domain trust:
> Conditional Forwarders on each domain to the other domain.
> Firewall rules allowing Active Directory traffic between the domain controllers.

To add a conditional forwarder:

> Open the DNS management console.
> Right click on 'Conditional Forwarders', choose 'New Conditional Forwarder'
 >> In the DNS domain tab, type in the full domain name of the target domain.
 >> In the IP address section enter in the IP(s) of the target domain controller(s).
 >> Check the box to store the forwarder in AD.

You should see a green icon indicating that it can contact the domain controller.  If you performed this step on Domain A, you also need to perform it on Domain B pointing back to Domain A.

For the ports required to enable AD traffic, please refer to this post's.html

So long as this is in place you should be able to establish the trust.


Thank you very much, response was quick and solution worked

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial