Networks

General discussion

Gravatar
Locked

setting up a trusts between 2 networks

By heath ·
any input appreciated! :)
I have 2 seperate windows domains, both are running on the server 2003 platform in seperate buildings. first.domain.com is connected to second.domain.com,(eg)via cat 5 cable into the uplink port. 1st domain is on ip block 192.168.1.x, 2nd domain is on 192.168.0.x, sub mask is 255.255.255.0. I need to set up a 2 way forest trust to share files between companies, but can't seem to make it work. Domain 1 has a software firewall, Domain 2 has a hardware firewall and each domain has its own ISP connection. I've tried NSlookup and pinging to see if i can see either dns servers and tried dns forwarding to no avail. I am thinking it could be firewall related but not sure. Any one have any ideas?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

gravatar
Collapse -

by BFilmFan In reply to setting up a trusts betwe ...

Are these domains single domain AD forests?

Since you cannot ping either domain by name, DNS is the issue. There is an excellent checklist available here for creating trusts between forests:

http://www.microsoft.com/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/Default.asp?url=/resources/documentation/windowsserv/2003/standard/proddocs/en-us/x_checklist.asp

Most likely, you need to create a root hint in both of the domains pointing to the start of authority server for the other domain.

gravatar
Collapse -

by heath In reply to

Thanks for the reply Bfilmfan :). Yes both domains are running AD. I have been thru that checklist a couple of times and tried root hints, still have not solved the problem. When trying to set up the forest trust, i do not even get that option, i can only choose from a realm trust or domain trust. I assume this is because i can not contact the 2nd domain. Is this right? Could it be firewall related, proper ports are not opened? Or is it possible the physical connection (cat 5) is not connected properly? Length of cable is 250 ft. and signal is fine.
Thanks for any input!

gravatar
Collapse -

by advancedgeek In reply to setting up a trusts betwe ...

You physically have the two domains connected, or are you trying to do this over the internet? If you are trying to do this over the internet; your dns servers have private IP addy's? I am having a hard time forming a mental image of your networks. B/c if your dns servers are nothing but shortcuts to the internet's root hints, your going to need to do some port forwarding or something for your two dns servers to be able to talk to each other. I hope this doesn't sound stupid b/c it's too early on a monday for my brain to function normally. :)

gravatar
Collapse -

by advancedgeek In reply to

oops...I reread your question and I now see that it is indeed too early for my brain to function correctly. By forest trust, do you mean two-way transitive trust? Wouldn't that allow resource sharing?

gravatar
Collapse -

by lsmith1989 In reply to setting up a trusts betwe ...

Sounds like its most likely a port/firewall problem. I would verify things to rule that out first. I would then also check AD SItes and Services and make sure that things are setup properly. Once, those are verified or ruled out, make sure that you are creating the trusts with an account that has the proper permissions.

just my 2 cents.

Back to Networks Forum

Start or search

Related Discussions

Related Forums