Two Way Active Directory Cross Domain Trust How-To

Published 2014-02-24 at https://ed.gs/2014/02/24/two-way-active-directory-cross-domain-trust/

As I’ve been doing this on more and more servers, I thought it would be best to document the process.

DNS Setup

  1. Open the DNS manager on the first server.
  2. Expand the Forward Lookup Zones, right click on the primary zone (e.g. domain1.local) and click Properties.
  3. Go to the Zone Transfers section and allow zone transfers either to any server (insecure) or only to the second server, by typing its IP.
  4. Expand the Reverse Lookup Zones, right click on the primary zone (e.g. 10.10.10.in-addr.arpa) and click Properties.
  5. Go to the Zone Transfers section and allow zone transfers either to any server (insecure) or only to the second server, by typing its IP.
  6. Open the DNS manager on the second server.
  7. Expand the Forward Lookup Zones, right click on the primary zone (e.g. domain2.local) and click Properties.
  8. Go to the Zone Transfers section and allow zone transfers either to any server (insecure) or only to the second server, by typing its IP.
  9. Expand the Reverse Lookup Zones, right click on the primary zone (e.g. 11.11.11.in-addr.arpa) and click Properties.
  10. Go to the Zone Transfers section and allow zone transfers either to any server (insecure) or only to the second server, by typing its IP.
  11. On the first server, create a secondary zone in the Forward Lookup Zones, naming it after the domain on the second server (e.g. domain2.local).
  12. When asked, set the master server as the IP of the second server.
  13. In the Reverse Lookup Zones, create a secondary zone named after the primary zone of the second server (e.g. 11.11.11.in-addr.arpa).
  14. When asked, set the master server as the IP of the second server.
  15. On the second server, create a secondary zone in the Forward Lookup Zones, naming it after the domain on the first server (e.g. domain1.local).
  16. When asked, set the master server as the IP of the first server.
  17. In the Reverse Lookup Zones, create a secondary zone named after the primary zone of the first server (e.g. 10.10.10.in-addr.arpa).
  18. When asked, set the master server as the IP of the first server.
  19. DNS should now be replicated across both domains. You can test it by pinging a computer by its FQDN (e.g. ping server.domain1.local). If you receive a response, it’s working correctly.
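The DNS steps above for the first server, scripted with the DnsServer PowerShell module and followed by a check for zones left open to transfer by any host. This is an added example, not part of the original post; the peer IP `11.11.11.10` and the zone file names are assumptions, and the zone names follow the post's "e.g." values.

```powershell
# Added example (not from the original post). Run on the first server's DNS role.
# Assumed values: $peerIp and the zone file names; zone names follow the post's examples.
Import-Module DnsServer

$peerIp      = '11.11.11.10'                            # assumed IP of the second server
$localZones  = 'domain1.local', '10.10.10.in-addr.arpa' # primary zones hosted here
$remoteFwd   = 'domain2.local'                          # peer's forward zone
$remoteRevId = '11.11.11.0/24'                          # creates 11.11.11.in-addr.arpa

# Steps 2-5: permit transfers of the local primary zones to the peer only,
# instead of the "all servers" option the GUI also offers.
foreach ($zone in $localZones) {
    Set-DnsServerPrimaryZone -Name $zone `
        -SecureSecondaries TransferToSecureServers `
        -SecondaryServers $peerIp
}

# Steps 11-14: hold secondary copies of the peer's zones.
# The transfer only succeeds once the peer allows this server's IP.
Add-DnsServerSecondaryZone -Name $remoteFwd -ZoneFile "$remoteFwd.dns" `
    -MasterServers $peerIp
Add-DnsServerSecondaryZone -NetworkId $remoteRevId `
    -ZoneFile '11.11.11.in-addr.arpa.dns' -MasterServers $peerIp

# Audit: report any primary zone that still allows transfer to any server.
$open = Get-DnsServerZone | Where-Object {
    $_.ZoneType -eq 'Primary' -and
    -not $_.IsAutoCreated -and
    $_.SecureSecondaries -eq 'TransferAnyServer'
}
if ($open) {
    Write-Warning ("Zone transfer open to any server: " + ($open.ZoneName -join ', '))
} else {
    Write-Output 'No primary zone allows transfer to any server.'
}

# Step 19: confirm a name in the peer's domain resolves through the local server.
Resolve-DnsName -Name "server.$remoteFwd" -Server 127.0.0.1 -Type A
```

On the second server the same script applies with the values swapped, so that each primary zone's allow list names the server holding its secondary copy.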

    Two Way Trust Set Up

    1. On the first server, open Active Directory Domains and Trusts from the Administrative Tools area in Control Panel.
    2. Right click on the domain name and click Properties.
    3. Navigate to the Trusts tab and click New Trust at the bottom.
    4. The Trust wizard will appear. Press Next, type in the FQDN of the second server (e.g. server.domain2.local) and press Next.
    5. Choose Realm Trust and press Next.
    6. For Trust Transitivity choose Nontransitive.
    7. For the direction choose Two-way and press Next.
    8. Type a password for the trust twice, press Next, then press Next again on the following screen.
    9. Press Finish.
    10. On the second server, open Active Directory Domains and Trusts from the Administrative Tools area in Control Panel.
    11. Right click on the domain name and click Properties.
    12. Navigate to the Trusts tab and click New Trust at the bottom.
    13. The Trust wizard will appear. Press Next, type in the FQDN of the first server (e.g. server.domain1.local) and press Next.
    14. Choose Realm Trust and press Next.
    15. For Trust Transitivity choose Nontransitive.
    16. For the direction choose Two-way and press Next.
    17. Type a password for the trust twice (not sure if this needs to be the same as the password on the other server; I usually set it the same), press Next, then press Next again on the following screen.
    18. Press Finish.
    19. All done, you now have a two way trust set up!
    20. Enjoy
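A check that the trust object created by the wizard steps above has the direction and transitivity chosen there, and a report of the settings that widen or narrow its reach. This is an added example, not part of the original post; it assumes the ActiveDirectory PowerShell module is installed and uses the post's example name `domain2.local` for the peer.

```powershell
# Added example (not from the original post). Run on the first server.
# Assumed value: $peerDomain, taken from the post's "e.g." domain name.
Import-Module ActiveDirectory

$peerDomain = 'domain2.local'
$trust = Get-ADTrust -Filter "Name -eq '$peerDomain'"
if (-not $trust) { throw "No trust object found for $peerDomain" }

# Bit 0x1 of trustAttributes is TRUST_ATTRIBUTE_NON_TRANSITIVE.
$nonTransitive = [bool]($trust.TrustAttributes -band 0x1)
$twoWay        = $trust.Direction -eq 'BiDirectional'

# Settings the wizard steps selected, compared with what is stored.
$findings = @()
if (-not $twoWay)        { $findings += "Direction is $($trust.Direction), expected BiDirectional" }
if (-not $nonTransitive) { $findings += 'Trust is transitive, expected nontransitive' }

# Summary of the trust as stored in the directory, for review.
[pscustomobject]@{
    Name                    = $trust.Name
    TrustType               = $trust.TrustType
    Direction               = $trust.Direction
    NonTransitive           = $nonTransitive
    SelectiveAuthentication = $trust.SelectiveAuthentication
    SIDFilteringQuarantined = $trust.SIDFilteringQuarantined
} | Format-List

if ($findings) {
    $findings | ForEach-Object { Write-Warning $_ }
} else {
    Write-Output "Trust to $peerDomain matches the settings chosen in the wizard."
}
```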
