Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Trust Domains

Status
Not open for further replies.
efector

efector

IS-IT--Management
Dec 10, 2003
234
US
I have 2 domains that trust each other, on separate subnets, yet accessible to each other via router. I have domainA.com and domainb.local. From my desktop on domainA.com, i can open up MMC snap-ins and manage domainA.com without any issue. I can also switch domains via the mmc and connect to domainb.local, but everything is greyed out, and while i can view things, i cant add/change anything. same is true when i use the mmc snapin for DNS, i can see the dns server, see all zone files, but cant make any changes. I am an enterprise/schema/domain admin in both networks. Am I screwing something up, or is this by design? I want to be able to manage both network resources, via mmc from the same desktop.

Is this possible?

Thanks!
 
Sort by date Sort by votes
Assumming that your workstation is a member of DomainA....

Add you userID from DomainA, into the domain admins, schema admins, etc in DomainB.

Retry your connection...

Joseph L. Poandl
MCSE 2003

If your company is in need of experts to examine technical problems/solutions, please check out (Sales@njcomputernetworks.com)
 
Upvote 0 Downvote
what type of domains are these? 2003/2000, 2003/2003, 2000/2000?

try verifying the trust:

Open Active Directory Domains and Trusts.

In the console tree, right-click the domain that contains the trust you want to verify, and then click Properties.

On the Trusts tab, under either Domains trusted by this domain (outgoing trusts) or Domains that trust this domain (incoming trusts), click the trust to be verified, and then click Properties.

Click Validate.

Do one of the following, and then click OK:

Click No, do not validate the incoming trust.
If you choose this option, it is recommended that you repeat this procedure for the reciprocal domain.

Click Yes, validate the incoming trust.
If you choose this option, you must type a user account and password with administrative credentials for the reciprocal domain.

To perform this procedure, you must be a member of the Domain Admins group or the Enterprise Admins group in Active Directory, or you must have been delegated the appropriate authority.

-PuterLuver
 
Upvote 0 Downvote
the domainA.com is 2003/domainb.local is 2000. When I go to domainb.local, and go into ADU/C I try and go into the enterprise admins group and try to add my user account, but I cant see domainA.com in the drop down box. its only domainb.local or entire directory. I am off here somewhere?
 
Upvote 0 Downvote
what kind of trust did you create? you should have created a two-way transitive trust. Can you see domainb.local from domainA.com?, but not vise versa?

-PuterLuver
 
Upvote 0 Downvote
It says that its not transitive. The problem is that this domain was 'trusted' when it was NT 4 and its been upgraded to 2003. Should I delete the current trust and then recreate it? how do it get it to become transitive?
 
Upvote 0 Downvote
The trust type is listed as external. Its says NO under transitive.
 
Upvote 0 Downvote
It should work....sounds like something is missing here.

Here is a link to a video..., yes, a video. People like videos and the fun to watch.

Anyway, this video will show you how to establish a trust and how to make a user an administrator of both domains.

Click the following link and then choose "Creating Trust Relationships" under Session Material.



-hope this helps...

Joseph L. Poandl
MCSE 2003

If your company is in need of experts to examine technical problems/solutions, please check out (Sales@njcomputernetworks.com)
 
Upvote 0 Downvote
One last question......I can see both domains in MY Network Places, but I cannot browse one domain to the other. Any idea why? I have set up WINS on both domains, and they are replication partners, and i can ping via netbios name to the other networks.
 
Upvote 0 Downvote
My guess is that you haven't added yourself to any of the groups on the remote domain yet.

What error do you get when you try to browse to the remote domain?

Joseph L. Poandl
MCSE 2003

If your company is in need of experts to examine technical problems/solutions, please check out (Sales@njcomputernetworks.com)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

techbrain1
  • Locked
  • Question
Trust relationship issue 1
Replies
3
Views
806
araheusaff
araheusaff
mmcbeath
  • Locked
  • Question
2 Way Trust - Not working
Replies
0
Views
190
mmcbeath
mmcbeath
goombawaho
  • Locked
  • Question
trust relationship between this workstation and the primary domain failed
Replies
2
Views
237
goombawaho
goombawaho
efector
  • Locked
  • Question
Trust between 2008 and 2003
Replies
0
Views
130
efector
efector
Encino40
  • Locked
  • Question
Move user between child domains
Replies
1
Views
188
Encino40
Encino40

Part and Inventory Search

Sponsor

Back
Top