Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Multiple Domains in a Forest

Status
Not open for further replies.
dpanattoni

dpanattoni

IS-IT--Management
Jan 29, 2002
76
US
I have a situation where two autonomous companies have signed a contract to work together. Both of these companies are using W2K server, both have their own internal domains, Domain1.com and Domain2.com.

All users in Domain1.com are logging into a Terminal Server at Domain2.com in order to run the business software applications.

Because of this setup, all of the users in Domain1.com need to be setup in Domain2.com as well. This is creating a lot of extra maintenance and will only get worse as it looks like another company may join as well. If I make both of these domains part of the same forest, will this allow me to not have to have usernames setup in both domains? If not, how can I change this situation so that both companies are able to keep their domain names but yet users will only need to be setup once?

Thanks in advance.
 
Sort by date Sort by votes
I'll try to help, but I'm fairly new to this so there's only so much I can do. Have you tried to setup a trust relationship between them? As far as I know when you do it, you can share resources between ADs in different forests.
 
Upvote 0 Downvote
TwoEdge is correct. You need to setup a trust relationship between Domain1 and Domain2. You will then need to grant the Domain1 users login rights on the Domain2 Terminal Server.
 
Upvote 0 Downvote
From TechNet,


"Domains in the same forest are linked with two-way, transitive trust relationships., If child domains are added to the new domain, the trust path flows upward through the domain hierarchy extending the initial trust path created between the new domain and its parent domain.

Transitive trust relationships flow upward through a domain tree as it is formed, creating transitive trusts between all domains in the domain tree.

Authentication requests follow these trust paths, so accounts from any domain in the forest can be authenticated at any other domain in the forest. With a single logon process, accounts with the proper permissions can access resources in any domain in the forest."
 
Upvote 0 Downvote
The best solution seems to be create a trust between the two domain.As per your need create a two way or one way trust as per both the companies requirement
 
Upvote 0 Downvote
Thanks for all of your help. After talking with management of the companies involved, I am going to head a different direction altogether. I now would like to have only one domain name. One of the DCs in Domain1 is a W2003 server. The DC in the Domain2 is a W2k server. I am now looking at what options I have to bring both of these DCs so that they are all working in the same domain without having to readd all of the users, groups, gpo's, etc.

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ravalos
  • Locked
  • Question
Problem with PDFs in IIS
Replies
1
Views
475
gbaughma
gbaughma
Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
268
Aquiles Vidal
Aquiles Vidal
nukeinfer
  • Locked
  • Question
Internet restrictions for isolated PCs in the Network
Replies
1
Views
210
mangentle
mangentle
DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
276
DrB0b
DrB0b
mangentle
  • Locked
  • Question
What could be the potential causes if a Microsoft Windows Server is experiencing slow network!
Replies
1
Views
406
gbaughma
gbaughma

Part and Inventory Search

Sponsor

Back
Top