Forest Trusts

[Nicolas Macarez]

Hi!
I have two Windows 2003 servers : SERVER1 (W2K3 R2 SP2) and SERVER2 (W2K3
SP2). Each server is acting as a DC for its domain which is in its own
forest : SERVER1 is DC for DOMAIN1; SERVER2 is a DC for DOMAIN2. Both
servers are on the same LAN (no router, no firewall). The DNS on both
servers are set up correctly, with a stub zone pointing to the other server.

I established a two-way transitive trust between both forests, using the
Active Directory Domains and Trusts snap-in. I chose the Forest Wide
Authentication in both ways of the trusts.

My purpose is to enable users from the domain DOMAIN2 to have their Exchange
Server 2007 mailboxes hosted on the server SERVER1 which is acting as an
Exchange Server for users from both domains.

My issue is not Exchange related (not yet!).

From the start, I can see that I have an authentication issue since I can't
browse some shared directories on server SERVER1 from a workstation in
domain DOMAIN2 (user belonging to DOMAIN2 and logged on DOMAIN2): I am asked
to enter some credentials (if I enter a username/password from DOMAIN1, it's
OK, I can access the shares on SERVER1).

I don't want to be asked for some credentials (it will prevent Outlook 2003
from working, since Outlook is trying to access to the Exchange server
situated on the other side of the Trust).

Any idea? What am I missing?
Help greatly appreciated.
Nicolas

 

[Demerson]

RE: Forest Trusts

Allow, mate.

I'm experiencing something similar, where one side can see all the resources
from the other, but the other side can't.

Still haven't managed to sort it out but a few simple things might come in
handy for you. Try checking whether the clocks on both DCs are synchronized.
Also, when you created the trusts, did you create on one of the sides and
actually saw it appear on the other side? It should be automatic.

If nothing else works, try to recreate the trust, which shouldn't take you
long anyway.

Let me know if any of these work. And if they don't, let me know what you'll
do to have it fixed. Might help me on my issue.

Cheers!

"Nicolas Macarez" wrote:

> Hi!
> I have two Windows 2003 servers : SERVER1 (W2K3 R2 SP2) and SERVER2 (W2K3
> SP2). Each server is acting as a DC for its domain which is in its own
> forest : SERVER1 is DC for DOMAIN1; SERVER2 is a DC for DOMAIN2. Both
> servers are on the same LAN (no router, no firewall). The DNS on both
> servers are set up correctly, with a stub zone pointing to the other server.
>
> I established a two-way transitive trust between both forests, using the
> Active Directory Domains and Trusts snap-in. I chose the Forest Wide
> Authentication in both ways of the trusts.
>
> My purpose is to enable users from the domain DOMAIN2 to have their Exchange
> Server 2007 mailboxes hosted on the server SERVER1 which is acting as an
> Exchange Server for users from both domains.
>
> My issue is not Exchange related (not yet!).
>
> From the start, I can see that I have an authentication issue since I can't
> browse some shared directories on server SERVER1 from a workstation in
> domain DOMAIN2 (user belonging to DOMAIN2 and logged on DOMAIN2): I am asked
> to enter some credentials (if I enter a username/password from DOMAIN1, it's
> OK, I can access the shares on SERVER1).
>
> I don't want to be asked for some credentials (it will prevent Outlook 2003
> from working, since Outlook is trying to access to the Exchange server
> situated on the other side of the Trust).
>
> Any idea? What am I missing?
> Help greatly appreciated.
> Nicolas
>
>
>
>
>
>
>
>