Forest trust between Windows Server 2003 and 2012 R2

Posted: 20 March 2015 in Microsoft, Tutorials and guides

Pain in the ass Microsoft… really?

If you want to migrate, connect, transfer, or do whatever between two domains, there's a Captain Obvious that says "create a trust".

OK. If you want to create a trust between Active Directory forests, you would just go to Active Directory Domains and Trusts and create a trust… yeah, but not with Microsoft.

OK, enough shit talk, I'll just write how to do this:

1. If it is not working, the problem lies precisely in the DNS configs.
2. To create a trust relationship between 2003 and 2012, the DNS servers must have conditional forwarders configured.
3. For 2003 go to DNS > $domain > Properties > Forwarders > add the 2012 domain name and IP.
4. For 2012 go to DNS > Conditional Forwarders > New Conditional Forwarder > add the 2003 domain name and IP.
5. Use nslookup on both servers to check that everything is correct, like this:

nslookup -type=ALL $domain2003
nslookup -type=ALL $domain2012

6. If everything is correct, you can now create the trust.
7. Active Directory Domains and Trusts > $domain2012 > Properties > Trusts > Add new trust.
8. Enter the $domain2003 DNS name > Next > Forest trust > Transitive > Two-way (or not).
9. If you selected two-way, the trust will automatically show up on the 2003 server, provided you entered correct credentials in the Trust Wizard.
10. You will try to validate these credentials on both servers to save the routing information and it will fail… Microsoft.
11. Just reboot both servers.
12. Done.
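
The DNS checks from steps 4 and 5, scripted for the 2012 R2 side. This is an added example, not part of the original post: the domain name and IP are placeholders, `Test-TrustDns` is a made-up helper name, and it assumes the local DNS service answers on 127.0.0.1.

```powershell
# Added example: pre-flight DNS check, run on the 2012 R2 DC/DNS server before the trust wizard.
# Uses the DnsServer and DnsClient modules (Windows Server 2012 and later only).
param(
    [string]$RemoteDomain = 'corp2003.example',  # placeholder for $domain2003
    [string]$RemoteDnsIp  = '192.0.2.10'         # placeholder for the 2003 DNS server IP
)

function Test-TrustDns {
    param([string]$Domain, [string]$ForwarderIp)

    # Step 4: a conditional forwarder zone for the remote forest must exist
    # and point at the remote DNS server.
    $zone    = Get-DnsServerZone -Name $Domain -ErrorAction SilentlyContinue
    $masters = @($zone.MasterServers | Where-Object { $_ } | ForEach-Object { "$_" })
    [pscustomobject]@{
        Check  = "Conditional forwarder for $Domain"
        Passed = [bool]($zone -and $zone.ZoneType -eq 'Forwarder' -and $masters -contains $ForwarderIp)
        Detail = if ($zone) { "$($zone.ZoneType) -> $($masters -join ', ')" } else { 'zone not found' }
    }

    # Step 5: the remote forest's DC locator SRV records must resolve through
    # the local DNS server (-DnsOnly skips LLMNR/NetBIOS fallbacks).
    $prefixes = '_ldap._tcp.dc._msdcs', '_kerberos._tcp.dc._msdcs', '_ldap._tcp.pdc._msdcs'
    foreach ($prefix in $prefixes) {
        $name = "$prefix.$Domain"
        $srv  = @(Resolve-DnsName -Name $name -Type SRV -DnsOnly -Server 127.0.0.1 `
                      -ErrorAction SilentlyContinue | Where-Object { $_.Type -eq 'SRV' })
        [pscustomobject]@{
            Check  = "SRV $name"
            Passed = $srv.Count -gt 0
            Detail = if ($srv.Count -gt 0) {
                         ($srv | ForEach-Object { "$($_.NameTarget):$($_.Port)" }) -join ', '
                     } else { 'no answer' }
        }
    }
}

$results = @(Test-TrustDns -Domain $RemoteDomain -ForwarderIp $RemoteDnsIp)
$results | Format-Table -AutoSize -Wrap
if ($results.Passed -contains $false) { Write-Warning 'Fix DNS before creating the trust.' }
```

These cmdlets do not exist on Server 2003, so keep using nslookup on that side.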
