Ask the Expert

How can I create a cross-forest trust between Windows 2000 servers?

I have two Windows 2000 Servers in different forests. I want to enable a cross-forest so both are running Exchange 2000 Server. How can I establish trust between servers?

Requires Free Membership to View

Trust relationships between Windows 2000 forests are one-way and intransitive. A one-way trust relationship means that, if you have users in Forest A who need access to resources in Forest B, you'll need to set up one trust relationship.

But if you also have users in Forest B who need to access resources in Forest A, you'll need to set up a second trust going in the other direction. An intransitive trust relationship means that if Forest A trusts Forest B, and Forest B trusts Forest C, Forest A does -not- automatically trust Forest C - you'll need to set up a separate trust relationship directly between Forest A and Forest C.

To set up a cross-forest trust in Windows 2000, use Active Directory Domains and Trusts. The "trusted" forest is the forest containing the user accounts, the "trusting" forest is the one containing the resources. If you need the trust relationship to work in both directions, you'll set up two trust relationships, reversing the "trusted" and "trusting" forest for the second one.


Server Management Learning Guide: How to Design a Server Room
Access Site Expert Bernie Klinder's learning guide now and read about an eight-step plan to help you design a data center your company will appreciate and you can be proud of!

This was first published in January 2005

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: