Guest Nicolas Macarez Posted December 6, 2007 Posted December 6, 2007 Hi! I have two Windows 2003 servers : SERVER1 (W2K3 R2 SP2) and SERVER2 (W2K3 SP2). Each server is acting as a DC for its domain which is in its own forest : SERVER1 is DC for DOMAIN1; SERVER2 is a DC for DOMAIN2. Both servers are on the same LAN (no router, no firewall). The DNS on both servers are set up correctly, with a stub zone pointing to the other server. I established a two-way transitive trust between both forests, using the Active Directory Domains and Trusts snap-in. I chose the Forest Wide Authentication in both ways of the trusts. My purpose is to enable users from the domain DOMAIN2 to have their Exchange Server 2007 mailboxes hosted on the server SERVER1 which is acting as an Exchange Server for users from both domains. My issue is not Exchange related (not yet!). From the start, I can see that I have an authentication issue since I can't browse some shared directories on server SERVER1 from a workstation in domain DOMAIN2 (user belonging to DOMAIN2 and logged on DOMAIN2): I am asked to enter some credentials (if I enter a username/password from DOMAIN1, it's OK, I can access the shares on SERVER1). I don't want to be asked for some credentials (it will prevent Outlook 2003 from working, since Outlook is trying to access to the Exchange server situated on the other side of the Trust). Any idea? What am I missing? Help greatly appreciated. Nicolas
Guest Demerson Posted January 31, 2008 Posted January 31, 2008 RE: Forest Trusts Allow, mate. I'm experiencing something similar, where one side can see all the resources from the other, but the other side can't. Still haven't managed to sort it out but a few simple things might come in handy for you. Try checking whether the clocks on both DCs are synchronized. Also, when you created the trusts, did you create on one of the sides and actually saw it appear on the other side? It should be automatic. If nothing else works, try to recreate the trust, which shouldn't take you long anyway. Let me know if any of these work. And if they don't, let me know what you'll do to have it fixed. Might help me on my issue. Cheers! "Nicolas Macarez" wrote: > Hi! > I have two Windows 2003 servers : SERVER1 (W2K3 R2 SP2) and SERVER2 (W2K3 > SP2). Each server is acting as a DC for its domain which is in its own > forest : SERVER1 is DC for DOMAIN1; SERVER2 is a DC for DOMAIN2. Both > servers are on the same LAN (no router, no firewall). The DNS on both > servers are set up correctly, with a stub zone pointing to the other server. > > I established a two-way transitive trust between both forests, using the > Active Directory Domains and Trusts snap-in. I chose the Forest Wide > Authentication in both ways of the trusts. > > My purpose is to enable users from the domain DOMAIN2 to have their Exchange > Server 2007 mailboxes hosted on the server SERVER1 which is acting as an > Exchange Server for users from both domains. > > My issue is not Exchange related (not yet!). > > From the start, I can see that I have an authentication issue since I can't > browse some shared directories on server SERVER1 from a workstation in > domain DOMAIN2 (user belonging to DOMAIN2 and logged on DOMAIN2): I am asked > to enter some credentials (if I enter a username/password from DOMAIN1, it's > OK, I can access the shares on SERVER1). > > I don't want to be asked for some credentials (it will prevent Outlook 2003 > from working, since Outlook is trying to access to the Exchange server > situated on the other side of the Trust). > > Any idea? What am I missing? > Help greatly appreciated. > Nicolas > > > > > > > >
Recommended Posts