Trust relationships between Windows 2000 forests are one-way and intransitive. A one-way trust relationship means...
that, if you have users in Forest A who need access to resources in Forest B, you'll need to set up one trust relationship.
But if you also have users in Forest B who need to access resources in Forest A, you'll need to set up a second trust going in the other direction. An intransitive trust relationship means that if Forest A trusts Forest B, and Forest B trusts Forest C, Forest A does -not- automatically trust Forest C - you'll need to set up a separate trust relationship directly between Forest A and Forest C.
To set up a cross-forest trust in Windows 2000, use Active Directory Domains and Trusts. The "trusted" forest is the forest containing the user accounts, the "trusting" forest is the one containing the resources. If you need the trust relationship to work in both directions, you'll set up two trust relationships, reversing the "trusted" and "trusting" forest for the second one.
Server Management Learning Guide: How to Design a Server Room
Access Site Expert Bernie Klinder's learning guide now and read about an eight-step plan to help you design a data center your company will appreciate and you can be proud of!
Related Q&A from Laura Hunter
Active Directory expert Laura E. Hunter explains to a reader what must be done to change the default display specifiers for new users in Active ...continue reading
Active Directory expert Laura E. Hunter tells a reader what to keep in mind when deleting subnets associated with sites being removed in an ...continue reading
Active Directory expert Laura E. Hunter offers a tip for shortening client wait times.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.