Re: creating one way trust
- From: dkblee <dkblee@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 9 Jun 2009 10:38:01 -0700
hi! I would also like to find out how do i tell where the following roles are
located (i meant in which dc).
1)schema master
2)domain naming master
3) pdc emulator
4) rid masters
5) infrastructure master
My first DC in my domain is a win2k svr, where the global catalogue is. I've
another 2 DC in win2003r2. I'm thinking of retiring the win2k svr by
configuring one of my current dc as a spare global cataloque. Once everything
is replicated from the win2k svr. I will uncheck the global catalogue
settings in the site and trust of the win2k svr and retired it. Will this
work? any other things (roles) that i need to move out from the win2k svr to
win2003 DCs? I'm also thinking of moving out the global catalogue from the
win2k svr first before running dcpromo to demote it. Pls let me know whether
my plan will work.
The reason for doing above is that....i think in order to raise the
functional domain...all the DC must be win2003.
Let me know. Thanks.
"Jorge Silva" wrote:
Okay,.
Let me try to understan a little more about youre network.
How DNS servers are configured to resolve eachother FQDN? Did you setup
Secondary Zones, Stub Zones, Forwarding, Conditional Forwarding???
You say that the other trust is in a different network, correct?
Assuming FW between them, download and run "portqueryui.exe" or the command
line version of this tool to test the connectivity between both forests. If
needed open the necessary ports.
--
I hope that the information above helps you.
Have a Nice day.
Jorge Silva
MVP Directory Services
"dkblee" <dkblee@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:B3BA65A9-8033-48C8-801C-5E6009E27B55@xxxxxxxxxxxxxxxx
hi! i did not turn on the firewall. there are 3 DCs in my domain and those
are in the same network (the other external domain that i'm creating the
trust is in different network). Yes i can resolve the dns name.
"Jorge Silva" wrote:
Hi
- Windows Server 2003 has the FW disabled by default, did you enabled it?
If
no, do you have any FW between them?
- What type of trust are you configuring?
- How many DCs and are in the same network?
- Can you resolve eachother FQDN?
--
I hope that the information above helps you.
Have a Nice day.
Jorge Silva
MVP Directory Services
"dkblee" <dkblee@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:93122C0D-190D-4B58-ABFB-30C13DA4EEFC@xxxxxxxxxxxxxxxx
hi! I'm testing on a one way trust between 2 different domain. When
configuring that, i got the message the domain can't be contacted. The
DC
is
running on win2003svr stdn r2. Is there any port that i need to open in
the
winsvr firewall?
Will there be any different in configuring this one way trust
relationship
between 2 domains in a same forest and 2 domains from 2 seperate
forest?
what
will be the different? can explain? Thks.
- Follow-Ups:
- Re: creating one way trust
- From: Meinolf Weber [MVP-DS]
- Re: creating one way trust
- From: Ace Fekay [Microsoft Certified Trainer]
- Re: creating one way trust
- References:
- creating one way trust
- From: dkblee
- Re: creating one way trust
- From: Jorge Silva
- Re: creating one way trust
- From: dkblee
- Re: creating one way trust
- From: Jorge Silva
- creating one way trust
- Prev by Date: Re: creating one way trust
- Next by Date: Re: Moving a user from a child domain to a parent domain.
- Previous by thread: Re: creating one way trust
- Next by thread: Re: creating one way trust
- Index(es):
Relevant Pages
|
