Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Trust Problems between two w2003 domains

Status
Not open for further replies.
rogerpatel

rogerpatel

Technical User
Jun 14, 2005
120
Hi all,

We have two Windows 2003 Doamins, both of these networks are in different locations.

Very simple networks, there is only one server at each site, as follows:
W2003 DC
dns
dhcp
used for file and print only

We have now connected both the sites up using box to box vpn, this also passed netbios requests over each other.

Site a network is 192.168.110.x
Site b network is 193.168.210.x

from either site we can ping either network by ip or server name.

We need to setup a one way trust so site a can access site b, but site b must not be able to access site a.

currently when any user or administrator from any site browes network places they can view both netbios domains however if they click the opposite domain name it prompts them for a user and password.

We need to setup a trust from site a to site b.

I have now spent over 3 hours trying to create a simple one way trust and failed big time.

After doing much reasearch i have found out that i must first setup my dns servers at both sides to see each other, something about Configuring both dns servers to see each other so active directory knows whos' who.

So in a nut sheel two domains with there own Dns servers at each end, Can anyone please show me how to configure these dc's to see each other.

Thanks

Roger


, both domains are in their own forest / doamin. Both
 
Sort by date Sort by votes
setup WINS or at least enable netbios over tcp/ip.

Microsoft in its wisdom left in a requirement for netbios when setting up trusts...

don't you just love 'em??
:)

Aftertaf
We shall prevail, and they shall not
 
Upvote 0 Downvote
Hi mate

Thanks for the help.

I have managed to get it to work, i have to create a secondary dns zone withing in each domain, each looking up the opposite domain, enable zone transfers, then create the trusts.

I could'nt belive that i had to search for a whole day on the web etc to get this answer.

Can you please tell me if you think its also worth enabling netbios on each of the Servers.

Thanks
 
Upvote 0 Downvote
it depends...
on what you are going to use on your network, on how well protected and exposed to the wild wild west your servers will be.

ideally you are better without it for different reasons but some legacy software maight need it (like exchange 2003 apparently!!!)
and for trusts too...


Aftertaf
We shall prevail, and they shall not
 
Upvote 0 Downvote
cheers mate,

As its a secured vpn link i think i will enable it on both the servers, their will also be an exchange 2003 server soon.

Thanks again for the quick response
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

nervous2
  • Locked
  • Question
DNS setup on Sperate Domains with a two way trust connected via ipsec.
Replies
1
Views
282
notRoman
notRoman
PPettit
  • Locked
  • Question
Server with similar internal and external domains. Can't always resolve host name internally. 2
Replies
12
Views
410
ShackDaddy
ShackDaddy
ceil32
  • Locked
  • Question
DNS Problems with new DC
Replies
1
Views
152
ceil32
ceil32
siumsr
  • Locked
  • Question
Application Authentication between Trusted domains
Replies
0
Views
78
siumsr
siumsr
donotunderstands22
  • Locked
  • Question
MX-records pointing to different domains on the same DNS-server?
Replies
2
Views
166
muckermucker
muckermucker

Part and Inventory Search

Sponsor

Back
Top