1a. On the source DNS servers, allow the remote DNS servers to do zone transfers. On the remote DNS servers, set up the domains as secondaries.
1b. You didn't ask about WINS, but do the same thing for WINS (it's called replication partners in WINS). If you aren't using WINS, I suggest you do. Otherwise, (1a) needs to be more complicated in order to deal with short-name resolution. 2. It's no different as long as short name resolution works (see 1b). If short name resolution doesn't work, you'll need to either learn about DNS suffixes (which makes 1a and DHCP more complicated) or use fully qualified domain names in your share UNCs. Note that you'll need to do work on Share Permissions AND NTFS permissions for remote users to access shares. Other: ensure that everyone has a UPN set and that you aren't using the same UPN in both forests. For more information about UPNs, see http://theessentialexchange.com/blogs/michael/archive/2007/11/13/the-user-pr inciple-name-and-you.aspx. Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, September 15, 2008 8:49 AM To: NT System Admin Issues Subject: Dumb question #2 - trusts For the past 12 years we have existed as an independant network from our main HQ in New York. (We're in Illinois.) New CIO wants the network all merged into one "domain". (This is messy in part because our NT domain ends with ".int", and theirs ends with ".org", which is the same as our public domain name. We'll skip this for now...) Oh yeah, both offices Win2003 AD "native". I asked about this months ago, and I was told that a full two-way trust would solve nearly everything. (The alternative I was told was to install a brand new forest and move all nodes, users, etc into that - messy again!) So, now that we have a brand new WAN set up between us and NY, we're ready to set up the trust. I know how to establish the trust. What I had a hard time finding last night was what happens once the trust is established. Specifically: 1. DNS - do the domains exchange and load zone information automagically,or is it fairly straight forward adding the zone information via browsing? 2. SHARES! This is the big one... How does one set up shares for company file folders, etc between the two domains? With one domain, the UNC was "\\server\share". Now that there are two sets (two domains) of servers, can one continue to use UNC naming? If so, how is this done? I'd hate to be told that network resources now need IP address and that UNC is out! I figure things like local users being able to log into workstations in the other domain are set via group policy... Thanks! Back to Googling and searching Technet... -------------------------------------- Richard McClary, Systems Administrator ASPCA Knowledge Management 1717 S Philo Rd, Ste 36, Urbana, IL 61802 217-337-9761 http://www.aspca.org ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
