Announcement

Collapse
No announcement yet.

Need to add trusted user or site from different forest

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Need to add trusted user or site from different forest

    I have two completely separate networks that are not physically connected in any way, I'll call them domain0 and domain1. The DC's for both networks are both Win 2000 Advanced Servers and they sit in the same room. My user account on domain0 is a member of the "domain admins" group. I would like to make my domain0\username account a member of the "domain admins" group in domain1 too so I can connect my backup server (a member of domain0) to some of the computers in domain1.

    I know I'll need to patch in a second NIC on the DC in domain1 to the switch on domain0 and give it an address on that network. Once I do that, what else will I need to do, or is there a better way to accomplish this ?

  • #2
    Re: Need to add trusted user or site from different forest

    After You have to configure trusts between domains.

    Comment


    • #3
      Re: Need to add trusted user or site from different forest

      Thanks for the post Alehva. I've looked at the domain-trusts on Microsoft and most of what I have read pertains to setting up trusts on domains in the same forest. I have a second NIC setup now on the domain1 DC and I can now browse domain0. In the domains and trusts of this DC, I still can't see domain0. I haven't done this before I might need a little more direction with this.

      Comment


      • #4
        Re: Need to add trusted user or site from different forest

        Have a read at this

        http://technet.microsoft.com/en-us/l...79(WS.10).aspx

        As long as you can see the forest then you shouldn't have an issue setting up a trust to it.

        Comment


        • #5
          Re: Need to add trusted user or site from different forest

          Thanks wullieb1, I think that is what I need to do. This applies to 2003 Server, Both of my DC's are 2000 Server, are there any differences or caveats ? Thanks again.

          Comment


          • #6
            Re: Need to add trusted user or site from different forest

            Shouldn't be.

            Its been a while since i looked at 2000 Server thouggh.

            Comment


            • #7
              Re: Need to add trusted user or site from different forest

              Using the instructions from the previous link (windows 2000 is slightly different), I was able to add domain0 as a trusted domain on the domain1 DC. When I try to add domain1 to the domain0 DC, I get an error "The RPC Server is not available".
              A reboot did not fix it.

              Comment


              • #8
                Re: Need to add trusted user or site from different forest

                Can they communicate successfully??

                Any firewalls enabled???

                Comment


                • #9
                  Re: Need to add trusted user or site from different forest

                  Originally posted by starrouter View Post
                  Using the instructions from the previous link (windows 2000 is slightly different), I was able to add domain0 as a trusted domain on the domain1 DC. When I try to add domain1 to the domain0 DC, I get an error "The RPC Server is not available".
                  A reboot did not fix it.
                  Is the RPC services turn on, on both servers?
                  With correct permissions?

                  Wofen
                  Good to be back....

                  Comment


                  • #10
                    Re: Need to add trusted user or site from different forest

                    the two DC's can communicate. Domain1 DC can browse computers in both Domains. Domain0 DC can only see the DC in domain1 but not other computers in that domain. Right now the only connection between the two is a second NIC in the domain1 DC with a domain0 IP address plugged into the domain0 switch. I might need to do the same thing with the DC in domain0, enable a second NIC and plug it into that network switch. Ill take another look at it Monday.

                    Comment


                    • #11
                      Re: Need to add trusted user or site from different forest

                      Originally posted by starrouter View Post
                      the two DC's can communicate. Domain1 DC can browse computers in both Domains. Domain0 DC can only see the DC in domain1 but not other computers in that domain. Right now the only connection between the two is a second NIC in the domain1 DC with a domain0 IP address plugged into the domain0 switch. I might need to do the same thing with the DC in domain0, enable a second NIC and plug it into that network switch. Ill take another look at it Monday.
                      If you could get them both talking via Cross over cables it should work, it should work though the router as well, but I have only ever used X-cable.

                      Once that is setup, you should be able to setup trust, then premissions, then it should work.

                      Wofen
                      Good to be back....

                      Comment


                      • #12
                        Re: Need to add trusted user or site from different forest

                        Can I simply add trust between a 2003 and 2008R2 domain?

                        Comment


                        • #13
                          Re: Need to add trusted user or site from different forest

                          yes, you should be able to add a trust between disparate DFL/FFL environments.
                          Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

                          Comment


                          • #14
                            Re: Need to add trusted user or site from different forest

                            I got it working, thanks everyone. My only real hurdle was that the domain0 DC had only one NIC installed and it's always in use and couldn't be shut down right now to add another one. Since the resources on domain0 were now accessible from domain1 (but not the other way around), I just dis-joined the backup server from domain0 and joined it to domain1 and now I have access to what I need on both domains.
                            Last edited by starrouter; 26th October 2010, 01:00. Reason: added more detail

                            Comment

                            Working...
                            X