Connecting 2 Wk3 AD servers in two different location

[WhiteJul]

I have two Windows 2003 servers, in two separated network locations (more
than 1,000 miles), both environments has high speed internet connection. How
can I connect them together so we can share resources and use single domain
user accounts for both domains?

Thanks
White

 

[Jorge de Almeida Pinto]

if both have w2k3 dcs and are at forest functional level windows server 2003
you can create a forest trust, otherwise you can create an external trust

the procedure to setup a trust is explained in:
for external trust
http://www.microsoft.com/technet/pr...elp/b30ef067-746e-4453-b879-804259aafdd3.mspx

for forest trust
http://www.microsoft.com/technet/pr...elp/7929b0c4-efe1-409c-99e3-efe9815f426d.mspx

 

[WhiteJul]

I would need to do the External Trust. I got a little stuck when entering
the "DNS name". Does this mean to enter SERVER2.DOMAIN2.COM on the first
domain and SERVER1.DOMAIN1.COM on the second domain?
If that is the case, should I need to create DNS records for "server2" and
"server1" tin their respective 2k3 servers? Do I have to create child name
servers? A records? Cnames?
Thanks for any assistance.

"Jorge de Almeida Pinto"

 

[Jorge de Almeida Pinto]

no, you need to enter the name of the domains which is the FQDN... e.g.
domain.com

To be able to setup the trust you need name resolution between the forests.
For that several options exist:

* Configure conditional forwarders on both sides
* Create on each side a secondary zone of the AD zone of the other side
* Create a stub zone of the AD zone of the other side

See also:
http://www.microsoft.com/technet/pr...elp/15dfdd7f-3a7f-4d6f-a2b0-569462fb4432.mspx

and look at the name resolution part

Cheers,
Jorge