Windows 2000 AD Forest Trusts

S

Scott Rhyan

Hello,

I have two Windows 2000 forests with two way trusts
between them. Each Forest has 2 servers and each have
primary DNS serivce running. I've created secondary DNS
servers on each of the forests for each other.

The question....

When I go into Network Neighborhood I am unable to browse
each of the Forest domains as they appear in my list. It
says that they are not accessible and the network path was
not found. I can ping the FQDN of each of the servers in
the separate forests, but not the host name.

I checked for full routing issues, and traces are going
directly to each of the servers

There is a full T1 pipe between the locations and it is
completely open for all ports

Any advice?
 
H

Herb Martin

Scott Rhyan said:
Hello,

I have two Windows 2000 forests with two way trusts
between them. Each Forest has 2 servers and each have
primary DNS serivce running. I've created secondary DNS
servers on each of the forests for each other.
Click to expand...

Forest trusts do not exist in Win2000 -- only Win2003 (in Win2003
Forest Functional level) Forests support those "one or two way,
semi-transitive trusts"

In Win2000 (or anything less than Win2003 Forest functional level)
only "External trusts" are supported for trusting outside the Forest.

Such external trusts are one-way and TOTALLY "non-transitive", being
a trust between EXACTLY two domains.
When I go into Network Neighborhood I am unable to browse
each of the Forest domains as they appear in my list. It
Click to expand...

Such browsing issues are almost always a WINS server (or lack of WINS
server) issue.

Do you have a WINS server (set) and do all the DCs and clients point
to the SAME WINS database (database == set of WINS servers which
replicate their databases.)
says that they are not accessible and the network path was
not found. I can ping the FQDN of each of the servers in
the separate forests, but not the host name.
Click to expand...

Access is normally an account, trust, or DNS issue but can be related
to WINS as I believe the external trusts still use NetBIOS (WINS again)
to find partner DCs from the other domain.

Access can also be a DNS issue (unable to find DCs by name).
I checked for full routing issues, and traces are going
directly to each of the servers
Click to expand...

One separation to make is to eliminate Network Neighborhood and
browsing issues by use "net use" (etc) from the command line, and using
both the DNS and IP in the "net use" command to eliminate (most) name
resolution issues.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Multi forest and Citrix farm 1
Further question regarding transitive nature of forest trusts 2
I need help creating forest trusts 26
External Trusts 1
Forest Trusts and DNS 3
Problem setting up Forest Trust - Win2003 Forests 1
Is 'security' provided by AD trusts worthless ? 5
Need to trust two different forrests? 3

Top