Win 2k Server to Win2k Advanced Server Trust Relationship

[erik5104]

I'm having a bit of a problem. I need to set up domain trust relationships between my windows 2000 Server and my Windows 2000 Advanced Server. I have no clue how to do this. If you can help, please reply to this! -Erik

 

[tlcscousin]

This depends on what you are doing. If adding a new domain new tree to an existing forest or child domain to the existing domain,tree,forest.A child domain the trusts are automatically set up.A new domain new tree same forest are supposed to be automatic as well.If the first DC is the DNS server and you join the forest I have found it a lot less hassle to create the forward lookup zone in advance for the new domain.Then when the domain joins and the four subdomains are present(_mscds,_sites,_tcp,_udp)you can make sure the trusts are present in domains and trusts.
You can add trusts in the same area but start with the trusted domain first then the trusting domain.You can by clicking on the trust and selecting edit get an option to verify the trust which will quite often find and fix problems with a trust.

 

[erik5104]

i have no clue what the whole forest tree etc. means. All I know is that i have my Windows 2000 Advanced Server box sitting downstairs and it is the only server on the domain. Then i have a Windows 2000 Server box in another room, and it is the server for a different domain. i want these two to trust.

 

[WiredToad]

If your servers are in different Forests you will need to set up one way trusts like NT. If they are in the same forest, and just different trees, you can set up a one way. You may want to have a look at the help files on your 2K servers, click the online option for more info, they are a good resource.

 

[GuySmiley]

First, you want to make sure that both servers are acting as the domain controller for each of their respective domains. To do this, go to each machine and click Start->Programs->Administrative Tools->Active Directory Users and Computers. Then click on the "Domain Controllers" folder and you should see your server listed as the domain controller for that domain. Once you have verified that these are each in a seperate domain (this would be called a "forest&quot, then you go to Start->Programs->Administrative Tools->Active Directory Sites and Trusts. Right-click on the icon for the domain and then click on "Properties." From there, click on the "Trusts" tab and then click "Add" to add a new trust. This is where you will enter in the two-way trust between the domains.

Let's call the Win2k Advanced Server machine "domain A" and we'll call the other Win2k server "domain B". From the domain A machine, click on the "Add" button and enter in the name of domain B. Then enter a password that active directory will use to verify the trust alone, and click OK. Add the domain in both the "domains that this domain trusts" as well as the "domains that trust this domain" fields. Repeat the exact same steps on the machine hosts domain B. You might have to shuffle the order of how you set up the trusts a bit, this should set you on the right track. My only other bit of advice would be to make sure that your DNS settings are properly configured on both machines, or that they point to the same external DNS machine. If your DNS settings are screwed up, then you will get all kinds of "RPC server unavailable" errors.

Hope this helps!

Guy