No announcement yet.

2 Forest without Trusts

  • Filter
  • Time
  • Show
Clear All
new posts

  • 2 Forest without Trusts

    Hello All,
    I am at lost here.

    I have to forests.
    Forest1 and Forest2.
    In Forest1 I have one Domain, let's call it Domain1.Forest1.
    In Forest2 I have three Domains, let's call them Domain1.Forest2, Domain2.Forest2, Domain3.Forest2.
    I do care only about Domain1.Forest2 and Domain1.Forest1.

    We do not have any Forest Trust going between Forest1 and Forest2 but we do have a non-transitive, <-> trust between Domain1.Forest2 and Domain1.Forest1.

    Now in Domain1.Forest2 I have a domain local group [Group1] that contains users from Domain1.Forest1.
    I want to nest this Group1 into another domain local group but it seems that I cannot do that since AD seems to not be able to do the recursion or something.
    Can someone explain me why?


  • #2
    Re: 2 Forest without Trusts

    It should work. I tested this in my environment based on two forest: a Windows 2k and 2k3. The external trust is between the w2k forest root domain and w2k3 forest chaild dom.
    What is your configuration?
    Are you sure that the nested group Group2 1 is also domain local and not a global group?
    Csaba Papp
    MCSA+messaging, MCSE, CCNA
    Remember to give credit where credit is due and leave reputation points where appropriate


    • #3
      Re: 2 Forest without Trusts

      What is the Domain and Forest Functional Level on both sides ?

      You need to be at least at W2K Native mode to be able to put domain1\localgroup1 in domain1\localgroup2
      Guy Teverovsky
      "Smith & Wesson - the original point and click interface"