Re: Trusts using wrong domain controllers..

This is the best answer I've ever received on Usenet. If I could buy
you beer I would. Thankfully no one taught you that you're supposed to
attack the wording of my email and not provide any answers like most
people.

Method 1: Create the same site name in the forest to which you want to
create a trust relationship
1. Create a site in the TARGET domain that has the same name as that
of the site that hosts the domain controller in the SOURCE domain.
2. Link this site to other sites in the TARGET domain, and then assign
domain controllers to this site.
The TARGET domain controller should be a server that has good network
connectivity to SourceSite.

I've done it a bit backwards as my TARGET domain is solid and I'd
rather make the changes to the new SOURCE domain. I just wanted to
quickly clarify what I've done to ensure that it will be fine.

My TARGET site that I'd like to sync with is NA-VAN. My SOURCE site is
currently called EXT-VAN. Rather than create a new EXT-VAN site in the
TARGET, I renamed EXT-VAN to NA-VAN in the SOURCE.

NA-VAN (TARGET) already has domain controllers in it, and already has
IP SITE links configured, so I should be done.. correct?





On Apr 25, 4:23 pm, "Jorge Silva" <jorgesilva...@xxxxxxxxxxx> wrote:
Hi Glate
Check if this article helps youhttp://support.microsoft.com/kb/916474

--
I hope that the information above helps you.
Have a Nice day.

Jorge Silva
MCSE, MVP Directory Services

--------------------------------------------------

"Glate" <d...@xxxxxxxxx> wrote in message

news:1177540414.689550.286570@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

I have two forests configured:

1. Internal forest (internal.local), used for employees. 20+ domain
controllers around the world, GCs in each Branch Office. North America
branch offices all synchronize only with Vancouver. South Africa
branch offices all synchronize only with Johannesburg. Bridge all Site
links is not enabled.

2. External forest (external.local) for a web app. We have an external
one way trust so that users from our Internal forest can login to the
web app. There is a conditional forward on the external DC for
internal.local that points to a Vancouver (internal.local) DNS server.

The External Forest is located in Vancouver. When I attempt to add
permissions to in the web app, the server makes an LDAP connection to
one of the DC/GC's in South Africa rather than one of the two in
Vancouver, or 5+ in North America.

Is there an easy way to limit which DCs that the external forest uses?

I hope I posted enough information, if not let me know..


.

Relevant Pages

  • Re: 2000 to 2003 Migration - ADMT V.2
    ... The target domain is another tree in the forest i.e. the forest root ... Also, the following is how I have setup the migration station, source ... controller in the source domain. ... source domain controller and the target domain controller on which Active ...
    (microsoft.public.windows.server.migration)
  • Re: Trusts using wrong domain controllers..
    ... Is just a matter of configuring a Site close to the DC where the trust is going to be, assign the correct subnet and configure the Sitelink. ... Link this site to other sites in the TARGET domain, ... The TARGET domain controller should be a server that has good network ... External forest for a web app. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Can you force a secure channel from one DC to another in a Tru
    ... some testing on one domain controller which I have configured with an LMHOSTS ... file with all of the target domain controller host names and IP addresses. ... DCA was the PDC emulator but all the FSMO ... over on the eight source domain controllers to point ...
    (microsoft.public.windows.server.general)