Adding membership into a trusted forest fail

-

hi all, 

i have 2 separate forest, first forest named abc.com, windows 2003 server. , inside forest there child domain called zzz, fqdn child domain zzz.abc.com, second forest named 123.com (windows 2008) has no child domain. 

i setup 2 way trust between abc.com , 123.com, looks fine. @ 123.com server hosted file server. can add permission zzz.abc.com (child domain) users @ 123.com server. when try add security group (be global or universal) belongs zzz.abc.com, can't see group zzz.abc.com. when click @ "location" in folder sharing/security tab. can see abc.com domain. managed see groups abc.com not zzz.abc.com. 

i try setting "non transitive external" trust between zzz.abc.com , 123.com, result still same. try using aduc can't see groups zzz.abc.com. 

the file sharing ok means guess trust is, when try add user 123.com group zzz.abc.com, wouldn't work. 

can tell me might wrong this? 

thanks! 

hi,

based on description, can check whether system time on both forests synchronized. forest trust work properly, system time on pdc in root domain in both forests must synchronized.

regarding how troubleshoot cross forest-trust, following article can referred more information.

troubleshooting cross-forest trust in active directory

http://searchwindowsserver.techtarget.com/tip/troubleshooting-a-cross-forest-trust-in-active-directory

in addition, regarding dns name resolution create external, realm , forest trusts, following article can referred more information.

dns , netbios name resolution create external, realm , forest trusts

http://technet.microsoft.com/en-us/library/ee307976(v=ws.10).aspx

best regards,
frank shen


Windows Server  >  Directory Services



Comments

Post a Comment

Popular posts from this blog

Group Policy Event ID 1058 Error Code 1326 (The user name or password is incorrect)

-
i seeing odd error on 1 of our domain controllers. have dealt event id 1058 errors whereby policy (or policies) not replicating, receiving error along error code 1326 on server, , apparently happening default domain policy: log name:      system source:        microsoft-windows-grouppolicy date:          8/10/2015 3:09:54 pm event id:      1058 task category: none level:         error keywords:      user:          s-1-5-21-1484152634-2550175353-3916092219-3287 computer:      <dc name>.<domainname> description: processing of group policy failed. windows attempted read file http://schemas.microsoft.com/win/2004/08/events/event ">   <system>     <provi...
Read more

Suspicious event log Event ID: 4905

-
hi thr, could please me understand causing such event logs generate ? as  i understand, vssvc.exe pertains volume shadow copy used backup purpose.  we have third party application used taking backup of servers. the event longs generated following messages: 1) attempt made unregister security event source. 2) attempt made register security event source. these events not regular generated on random days. standard fields: date:               2013/10/19 time:               02:32:19 importance:         critical rule name:          security event monitored machine:  <domain controller> log format:         windows log name:           security event id:           4905 in work hours:      yes dynamic fields: internal timestamp: 2013/10/19 ...
Read more

DCOM received error "2147746132" from...

-
hi everybody, i have dc (my windows essentials 2012 server) , windows 2012 server in network.  the windows server 2012 inside domain. on server, got "non stopping" error says in event logs : ===> dcom received error "2147746132" fromd computer xxxx(my dc computer) while server trying activation : {6df8cb71-153b-4c66-8fc4-e59301b8011b} it never stops, got 11000+ new events :s i found : http://support.microsoft.com/kb/971153/fr i'm not sure should ? does got idea ? matthieu. hi, please try solution mentioned in below link: http://www.eventid.net/display-eventid-10006-source-dcom-eventno-272-phase-1.htm regards, cicely Windows Server  >  Windows Server 2012 General ...
Read more