+ Reply to Thread
Results 1 to 4 of 4
  1. Member
    Join Date
    Feb 2007
    Location
    Toronto
    Posts
    72

    Certifications
    MCSE 2003
    #1

    Default Real Life Senario

    Hello All,

    I need some help with the following project that I am trying to implement in my work place.

    MY AD Domain Structure is Simple, I have a root Domain (ABC.COM) with two Child Domains (DEF.COM) and (GHI.COM) all running with BiDirectional Trusts in place and FULL AD replication.

    I have created a new Root-Child Domain for a new web portal project we are implementing.

    I do not want any AD Replication from my current AD to this new external Domain. This will be solely used for authentication for the portal application.

    My BIG question is what type of Trust do I need so that users from my external AD can authenticate for both domains ?

    Cheers
    Colin

    Let me know if you need any further info.
    Reply With Quote Quote  

  2. SS -->
  3. Infrequent Poster Silver Bullet's Avatar
    Join Date
    Aug 2004
    Posts
    677

    Certifications
    A+, Network+, Server+, APS, MCP, MCSA:M 2003 MCSE 2003 MCTS(70-649), VCP3, VCP4, VCP5, TCSE, CCNA, DCUCSS, CCNP, CCIE
    #2
    I believe that you will need a One-Way Trust in which your external domain will trust the domains that hold the accounts that need access to the external domain's resources.

    external.com trust adc.com
    external.com trust def.com
    external.com trust ghi.com

    BTW, def.com and ghi.com aren't child domains to abc.com in your example. They are seperate domains. It would be def.abc.com and ghi.abc.com to be child domains of abc.com
    Reply With Quote Quote  

  4. Member
    Join Date
    Feb 2007
    Location
    Toronto
    Posts
    72

    Certifications
    MCSE 2003
    #3
    Thanks for your response SilverBullet,

    Yeah your right about my domain structure. I guess I was in a rush typing.....
    Reply With Quote Quote  

  5. Member
    Join Date
    Feb 2007
    Location
    Toronto
    Posts
    72

    Certifications
    MCSE 2003
    #4
    Hey Silver Bullet,

    Just want to confirm the best DNS solution for the above, I have already configured it with a Primary Zone, but do you think I should delete that and change it to a STUB Zone ?

    Cheers
    Colin
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks