I have got a VPN established between my domain and another domain, small company we have taken over, we are both on Windows 2003 Active Directory. So I was wondering whether it will be easy to create Domain Trust? Thanks
I have got a VPN established between my domain and another domain, small company we have taken over, we are both on Windows 2003 Active Directory. So I was wondering whether it will be easy to create Domain Trust? Thanks
To create a forest trust
- Open Active Directory Domains and Trusts.
- In the console tree, right-click the domain node for the forest root domain, and then click Properties.
- On the Trust tab, click New Trust, and then click Next.
- On the Trust Name page, type the DNS name (or NetBIOS name) of another forest, and then click Next.
- On the Trust Type page, click Forest trust, and then click Next.
- On the Direction of Trust page, do one of the following:
- To create a two-way, forest trust, click Two-way.
- Users in this forest and users in the specified forest can access resources in either forest.
- To create a one-way, incoming forest trust, click One-way:incoming.
- Users in the specified forest will not be able to access any resources in this forest.
- To create a one-way, outgoing forest trust, click One-way:outgoing.
- Users in this forest will not be able to access any resources in the specified forest.
- Continue to follow the wizard.
More information here - http://technet.microsoft.com/en-us/l...=ws.10%29.aspx
Could you please specify your question in more details about the VPN implementation? Are you using NAT? Have you ever filtered any traffic between 2 sites? Have you got any DNS name resolution mechanism in place between them?
I think that the DNS is working and all I did was add the domain name and the DNS servers forwarders and pointed it to the DNS servers, I can ping the names? Thanks
Active Directory provides security across multiple domains or forests through domain and forest trust relationships. Before authentication can occur across trusts, Windows must first determine whether the domain being requested by a user, computer or service has a trust relationship with the logon domain of the requesting account. For more information visit this website - http://technet.microsoft.com/en-us/l.../cc773178.aspx
Bookmarks