Nadim said:
Hi,
i have two forest(Advaced server) both's ip & subnet
is different.Now i want to connect both forest to each
other.
I tried in my level but i didnt get solution when i
tried to ping IP of another forest its saying Request time
out.
i am not make trust relationship also.
A)192.168.0.5
255.255.255.0
B)10.64.7.201
255.0.0.0
From
Nadim
First, fix the physical connectivty and then concentrate on trust,
authentication and name resolution.
1. if the ipaddresses of rootDCs are on distinct subnets, a router must
exist to steer/route packets. This can be achieved by adding a NIC on one
rootDC and configuring it's ipaddress/subnet to reside on same network as
the other forest's rootDC. RRAS must be configured to forward IP on that
route. Check the routing table for confirmation that a route exists. PING to
confirm connectivity. No Ping, no trust.
2. No trust relationship can be achieved if name resolution can't locate a
logon server. If you wish to create the trust between the 2 rootDCs, add an
entry to each other in their HOST files.
3. Your DNS servers may need to be configured appropriately in order to
resolve names for an external network. This may require configuring
forwarders on DNS servers to forward queries to external SOA.
4. Nothing prevents you from creating an additional external trust between 2
domains residing in distinct forests (if connectivity allows). Genarally
speaking, if you can't locate the DNS server which resolves the external
namespace, or if you can't have your local DNS server forward a client
query, no resources can be located/resolved.
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/proddocs/stan
dard/x_createtrust.asp?frame=true
and
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechn
ol/windowsserver2003/proddocs/standard/x_c_forestauthentication.asp