+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 22
Windows Server 2000/2003 Thread, Setting up a trust between servers. in Technical; Hi all I'm after a bit of guidance. I want to set up a trust between our Admin and Pass ...
  1. #1
    steve_nfi's Avatar
    Join Date
    Nov 2007
    Location
    Central London
    Posts
    290
    Thank Post
    149
    Thanked 24 Times in 20 Posts
    Rep Power
    18

    Question Setting up a trust between servers.

    Hi all
    I'm after a bit of guidance.
    I want to set up a trust between our Admin and Pass servers.
    Is it very difficult? Could someone give me a bit of advice or point me in the direction of a good manual?
    We had a trust set up in my last school but I didn't have any involvement in that. It was already there.
    Thanks

  2. #2

    witch's Avatar
    Join Date
    Nov 2005
    Location
    Dorset
    Posts
    10,417
    Thank Post
    1,109
    Thanked 2,095 Times in 1,475 Posts
    Rep Power
    652
    Me too - help, someone?

  3. #3
    DrPerceptron's Avatar
    Join Date
    Dec 2008
    Location
    In a house
    Posts
    849
    Thank Post
    32
    Thanked 120 Times in 102 Posts
    Rep Power
    37
    Understanding Trusts: Active Directory

    Technet is somewhere I've found a starting point for anything I've done, it generally walks you through pretty much every step that's there and explains it all too.

  4. Thanks to DrPerceptron from:

    steve_nfi (2nd June 2009)

  5. #4

    Join Date
    Mar 2008
    Location
    Surrey
    Posts
    2,161
    Thank Post
    95
    Thanked 318 Times in 260 Posts
    Blog Entries
    4
    Rep Power
    111
    I'm slightly confused, are we talking about trusts between domains in different forests here, or is there some sort of trust you can set up between individual servers?

  6. #5
    steve_nfi's Avatar
    Join Date
    Nov 2007
    Location
    Central London
    Posts
    290
    Thank Post
    149
    Thanked 24 Times in 20 Posts
    Rep Power
    18
    It's a trust between 2 servers on different domains. Not in different countries or parts of the country but standing next to each other. Users on one domain need access to certain parts of the other.

  7. #6

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,402
    Thank Post
    797
    Thanked 1,591 Times in 1,394 Posts
    Blog Entries
    10
    Rep Power
    428
    Quote Originally Posted by steve_nfi View Post
    It's a trust between 2 servers on different domains. Not in different countries or parts of the country but standing next to each other. Users on one domain need access to certain parts of the other.
    You will have to trust the whole domain not just one server. I have done it myself and its pretty easy. Are the Domains on the same LAN?

  8. #7

    Join Date
    Mar 2008
    Location
    Surrey
    Posts
    2,161
    Thank Post
    95
    Thanked 318 Times in 260 Posts
    Blog Entries
    4
    Rep Power
    111
    As FN says, it is fairly easy but it does have to be trust of the whole domain.

    Or rather you have to set up a domain trust, then you can choose which assets from the foreign domain are trusted to access which resources, almost in the same way as you would with your own users.

  9. #8
    steve_nfi's Avatar
    Join Date
    Nov 2007
    Location
    Central London
    Posts
    290
    Thank Post
    149
    Thanked 24 Times in 20 Posts
    Rep Power
    18
    The Admin network is setup a Vlan. Would this make a difference? Its fine for the trust to be for the whole domain.

  10. #9

    witch's Avatar
    Join Date
    Nov 2005
    Location
    Dorset
    Posts
    10,417
    Thank Post
    1,109
    Thanked 2,095 Times in 1,475 Posts
    Rep Power
    652
    The info provided only mentions server 2000 and server 2003. Our trust would be between a server 2003 and server 2008

    Basically we need to be able to access SIMS which is on our admin network for the VLE and parental engagement, registration and the like. Our new server will be 2008, the admin one is 2003.
    Will the 2003 instructions work for both?
    Last edited by witch; 3rd June 2009 at 10:34 AM.

  11. #10

    Join Date
    Mar 2008
    Location
    Surrey
    Posts
    2,161
    Thank Post
    95
    Thanked 318 Times in 260 Posts
    Blog Entries
    4
    Rep Power
    111
    What're the domain levels of the two domains?

    http://technet.microsoft.com/en-us/l.../cc816837.aspx - you can create a trust between a 2008 and a 2003 domain.

  12. #11
    steve_nfi's Avatar
    Join Date
    Nov 2007
    Location
    Central London
    Posts
    290
    Thank Post
    149
    Thanked 24 Times in 20 Posts
    Rep Power
    18
    Mine are 2000 for the admin network and 2003 for the curriculum. Hopefully later this year they will both be 2003. A bit behind the times here.

  13. #12

    witch's Avatar
    Join Date
    Nov 2005
    Location
    Dorset
    Posts
    10,417
    Thank Post
    1,109
    Thanked 2,095 Times in 1,475 Posts
    Rep Power
    652
    Quote Originally Posted by jamesb View Post
    What're the domain levels of the two domains?
    Sorry, I don't know what that means

  14. #13
    DrPerceptron's Avatar
    Join Date
    Dec 2008
    Location
    In a house
    Posts
    849
    Thank Post
    32
    Thanked 120 Times in 102 Posts
    Rep Power
    37
    I do believe if you right click your domains in Active Directory Users and Computers (or Domains and Trusts) you can choose a "Domain Functional Level" from the menu and that should tell you.

  15. #14

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    8,941
    Thank Post
    232
    Thanked 1,512 Times in 1,206 Posts
    Rep Power
    328
    Chances are if you don't know the domain level, it'll be the default which is '2000 Mixed'. Setting up trusts are fairly straight forward, but in the longterm I would look at merging the admin domain (typically very small) with the curriculum domain.

    With NTFS permissions and security groups, locking down shares is straight forward. It's not like the Windows 9x days where security was more of an issue. The other advantage (in my experience) is less administrative time involved. Only one Sophos AV and WSUS setup required instead of two (one for each domain).

  16. #15


    Join Date
    Mar 2009
    Location
    Leeds
    Posts
    6,222
    Thank Post
    218
    Thanked 812 Times in 694 Posts
    Rep Power
    274
    Quote Originally Posted by Michael View Post
    Chances are if you don't know the domain level, it'll be the default which is '2000 Mixed'. Setting up trusts are fairly straight forward, but in the longterm I would look at merging the admin domain (typically very small) with the curriculum domain.

    With NTFS permissions and security groups, locking down shares is straight forward. It's not like the Windows 9x days where security was more of an issue. The other advantage (in my experience) is less administrative time involved. Only one Sophos AV and WSUS setup required instead of two (one for each domain).
    setting up the trust is easy if you have admin access to both domains and the networks are in some way connected.

    id love to merge the networks but there are certain admin progs that have to be run on a x.x.even.100 whereas curric is x.x.odd.x so certain stuff would fail and in most of the schools i support i ONLY do curriculum (well in theory most admin support contracts (leeds atm is a joke for this) are pants and i end up doing everything but sims) i have one school where the lea's isp have installed a sisko (arrrggghhhhh) wireless setup (needs a gpo applied and a certificate ffs its a primary school not a bank) and the head keeps on at me to put her laptop on it (i had no involvement in the setup i just know how to connect domain pcs). That school also intend to run sims on curric pcs from september via a trust it does work as ive done it elsewhere (just badly as the lea set up sisko router between the networks only allows the top 32 ips to see the admin network) so i have to find the mac address of all the staff laptops and install sims via a trust (though i think ill just create a script to copy the sims inst dir to my server) that atm is only one way (to curriculum) and i have no access to admin fun aint it

    as to sophos id rather have no av it would fix as many problems and wouldnt cripple pcs performance lol

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Setting network save setting in Kar2ouche
    By Little-Miss in forum Windows
    Replies: 3
    Last Post: 12th December 2011, 03:44 PM
  2. RBC's - do you trust them?
    By KWestos in forum General Chat
    Replies: 0
    Last Post: 7th May 2009, 03:11 PM
  3. Becoming a Trust school...
    By wagnerk in forum General Chat
    Replies: 3
    Last Post: 28th October 2008, 01:26 PM
  4. Domain Trust
    By ful56_uk in forum Windows
    Replies: 12
    Last Post: 14th April 2008, 10:47 PM
  5. Trust Help
    By Ric_ in forum Windows
    Replies: 7
    Last Post: 20th October 2005, 06:03 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •