All-
I have a two way non-transitive trust (two disparate forests here!) and all seems to be working well as far as dns lookups from one forest to the other and vice versa across the two-way trust.. also dns conditional forwarding is working great so it seems.. now for my head scratcher....
I was under the impression that I would be able to do ldap queries either using ldp.exe or even something more high level like a dsquery on objects from one forest to the other yet I can't..
example.. I know I have specific servers and accounts in Forest B so I try to bind using ldp from forest A and do a seatch on that particular object in Forest B.. it does in fact "refer" to the object as being in Forest B but then nothing more, can't actually "find" that object whether acct or server in this consideration.
Furthermore, from Forest A's ADUC, I try to "connect to the domain" targeting Forest B but it doesn't "find this domain".. Am I mistaken in what a two trust non transitive trust can accomplish here ? do I need additional parameters setup using netdom in order for me to gain this type of functionality or is this just not possible.
please if anyone has any in depth insight on this, it would be very appreciated.
blade
I have a two way non-transitive trust (two disparate forests here!) and all seems to be working well as far as dns lookups from one forest to the other and vice versa across the two-way trust.. also dns conditional forwarding is working great so it seems.. now for my head scratcher....
I was under the impression that I would be able to do ldap queries either using ldp.exe or even something more high level like a dsquery on objects from one forest to the other yet I can't..
example.. I know I have specific servers and accounts in Forest B so I try to bind using ldp from forest A and do a seatch on that particular object in Forest B.. it does in fact "refer" to the object as being in Forest B but then nothing more, can't actually "find" that object whether acct or server in this consideration.
Furthermore, from Forest A's ADUC, I try to "connect to the domain" targeting Forest B but it doesn't "find this domain".. Am I mistaken in what a two trust non transitive trust can accomplish here ? do I need additional parameters setup using netdom in order for me to gain this type of functionality or is this just not possible.
please if anyone has any in depth insight on this, it would be very appreciated.
blade
