Re: Problem Establishing Trust between Production and Development AD E



Each forest needs to be able to resolve the other's name space.

The easiest thing to do would be to move the test DNS domain to your
production DNS. As long as you maintain the separate name space there
should be no problems. You can have this setup even with the separate
forests. Once this is done point your test DCs (as well as workstations
and member servers) to this new DNS server. You would then be able to
establish the trust without any other modifications.

http://expertanswercenter.techtarget.com/eac/knowledgebaseAnswer/0,295199,sid63_gci1104911,00.html

--


Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA

This posting is provided "AS IS" with no warranties, and confers no rights.


"Terry B" <TerryB@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:F21260CC-9C85-4211-A5AB-2D5DB821CF2C@xxxxxxxxxxxxxxxx
> Hi folks, I apologize for the long-winded question in advance. We need to
> set up a trust between our production and development AD forests in order
> to push a new application. I tried creating the trust through AD Domains
> and Trusts, but the tool is not able to connect to the domain. Here is a
> bit of background:
> 1. Production domain is called ICM.BCE.NET and dev domain is called
> ORT.BCE.NET. Although same DNS suffix, they are in entirely different
> forests (could the suffix be an issue -- didn't think so since they were
> different forests)
> 2. On the same subnet they also have another AD forest called ICM.VOICE.
> (I tend to think that this is the root cause since on a NetBIOS level
> they are still both called ICM). This was proven since ORT attempted to
> trust the production ICM domain and was able to establish a trust (but it
> ended up being with ICM.VOICE)
> 2. Separate DNS environments and neither domain is secondary to the other.
> 3. I am able to authenticate to servers on that domain when mapping to
> server resources manually.
> 4. Cannot see the domain in the browse list although others are avail.
> There is no firewall separating these two environments.
>
> I think the main issue is the availability of the ICM.VOICE domain on the
> same subnet as ORT which is causing the problem establishing the trust.
> My question is, is a trust relationship based on the NetBIOS name of the
> domain or is it through the AD name? If this is the case, is it possible
> to "force" a trust between the production ICM domain and ORT?
>
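
A pre-trust check for the situation discussed in this thread, as an added example that is not part of either post: it confirms that each side's DNS server can resolve the other forest's DC locator SRV records, then shows which domain actually answers for the flat name ICM. The domain names come from the thread; the DNS server addresses and the function name are assumptions made for illustration.

```powershell
# Added example. Domain names are from the thread; the DNS server IPs are
# constructed placeholders (192.0.2.0/24 is a documentation range).
$checks = @(
    @{ Side = 'ORT (dev)';  Server = '192.0.2.10'; Target = 'ICM.BCE.NET' },
    @{ Side = 'ICM (prod)'; Server = '192.0.2.20'; Target = 'ORT.BCE.NET' }
)

# Hypothetical helper: ask one DNS server for the other forest's DC locator records.
function Test-DcLocatorRecord {
    param(
        [Parameter(Mandatory)][string]$Domain,
        [Parameter(Mandatory)][string]$Server
    )
    $name = "_ldap._tcp.dc._msdcs.$Domain"
    try {
        # -DnsOnly keeps LLMNR/NetBIOS out of the answer, so a hit here
        # really means the DNS server knows the other name space.
        $srv = Resolve-DnsName -Name $name -Type SRV -Server $Server `
                   -DnsOnly -ErrorAction Stop |
               Where-Object { $_.Type -eq 'SRV' }
        $detail = ($srv | ForEach-Object { "$($_.NameTarget):$($_.Port)" }) -join ', '
    }
    catch {
        $srv = $null
        $detail = $_.Exception.Message
    }
    [pscustomobject]@{
        Query    = $name
        Server   = $Server
        Resolved = [bool]$srv
        Detail   = $detail
    }
}

$results = foreach ($c in $checks) {
    Test-DcLocatorRecord -Domain $c.Target -Server $c.Server |
        Add-Member -NotePropertyName Side -NotePropertyValue $c.Side -PassThru
}
$results | Format-Table Side, Server, Query, Resolved, Detail -AutoSize

if ($results.Resolved -contains $false) {
    Write-Warning 'At least one side cannot resolve the other forest; fix DNS before creating the trust.'
}

# Flat-name check: with ICM.VOICE on the same subnet, see which domain the
# DC locator returns for "ICM" versus the full DNS name.
foreach ($n in 'ICM', 'ICM.BCE.NET') {
    "--- nltest /dsgetdc:$n"
    nltest /dsgetdc:$n | Select-String 'DC:|Dom Name|Forest Name'
}
```

Run it from a domain-joined machine on the dev side; if the `ICM` lookup reports a different forest name than the `ICM.BCE.NET` lookup, the flat name is landing on the other domain.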

