Sunday, December 9, 2012

Create a trust in Windows Server 2003, 2008 and 2012 - Part 1


Background

First, a quick overview of the lab environment that lays the groundwork for this article series. As mentioned, we have two Active Directory forests.
Exchange forest 1
This Active Directory forest is based on Windows 2003 R2
Domain: 2K3.com
IP: 192.168.50.1
Forest Functional Level: Windows 2003
Domain Functional Level: Windows 2003
Exchange Forest 2
This Active Directory forest is based on Windows 2008 R2
Domain: 2K8.com
IP Address: 192.168.50.100
Forest Functional Level: Windows 2003
Domain Functional Level: Windows 2003
Exchange Forest 3
This Active Directory forest is based on Windows 2012
Domain: 2K12.com
IP Address: 192.168.50.200
Forest Functional Level: Windows 2003
Domain Functional Level: Windows 2003

Prerequisites

Before a trust can be established, DNS must be set up between the two domains; this can be accomplished in a few different ways: by using DNS zones, conditional forwarders, or Active Directory Federation Services. For how to set up a DNS zone, see the "Set up a DNS zone" section below. Also, the two domains must have the same or close to the same forest functional level.
Verify the checklist http://technet.microsoft.com/en-us/library/cc770907.aspx
You can check the forest functional level by going to Administrative Tools -> Active Directory Domains and Trusts.  Then, right-click on the forest root and select Raise Forest Functional Level.




Check the Forest Functional Level Windows Server 2003 R2

Check the Forest Functional Level Windows Server 2008 R2
Check the IP Address settings and Network Communication

First, check the IP address settings of all the servers: Windows Server 2003, 2008 and 2012.


IP Address setting 2003 Server

IP Address setting 2008 Server

IP Address setting in Server 2012

Check the server network communication with each server

Windows Server 2003 R2 to Windows Server 2008 R2

Set up a DNS zone


Forest 1 - Server 2003 (2K3.com)
Go to Start -> Programs -> Administrative Tools -> DNS, then right-click Forward Lookup Zones

Click on New Zone


Click Next

Select Secondary zone -> Next

Give the target DNS (domain) name -> Next

Give the target forest domain IP address -> Next


Click Finish


Now you can see both the source and target DNS zones in the DNS console
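
The same prerequisite steps, scripted for the Windows Server 2012 forest and extended with a DNS check, as an added example that is not from the original post. It assumes it is run on the 2K12.com DNS server (192.168.50.200) with the DnsServer and ActiveDirectory PowerShell modules, and that the 2K3.com and 2K8.com DNS servers permit zone transfers to that address; the function names are hypothetical.

```powershell
# Added example; run in an elevated session on the 2K12.com DNS server.
Import-Module DnsServer, ActiveDirectory

# Peer forests and their DNS server addresses, from the lab description.
$peers = @(
    @{ Zone = '2K3.com'; Master = '192.168.50.1' },
    @{ Zone = '2K8.com'; Master = '192.168.50.100' }
)

function Add-PeerSecondaryZone {      # hypothetical helper name
    param([string]$Zone, [string]$Master)
    # Skip creation when a zone with this name is already hosted here.
    if (-not (Get-DnsServerZone -Name $Zone -ErrorAction SilentlyContinue)) {
        Add-DnsServerSecondaryZone -Name $Zone -ZoneFile "$Zone.dns" -MasterServers $Master
    }
}

function Test-PeerForestDns {         # hypothetical helper name
    param([string]$Zone, [string]$Master)
    $ping = Test-Connection -ComputerName $Master -Count 2 -Quiet
    $zoneInfo = Get-DnsServerZone -Name $Zone -ErrorAction SilentlyContinue
    # A trust needs the peer's domain controllers to be locatable, so
    # resolve the DC locator SRV record through the local DNS server.
    $dcs = @()
    try {
        $dcs = @(Resolve-DnsName -Name "_ldap._tcp.$Zone" -Type SRV -Server 127.0.0.1 -DnsOnly -ErrorAction Stop |
                 Where-Object { $_.Type -eq 'SRV' } | ForEach-Object { $_.NameTarget })
    } catch {
        Write-Warning "SRV lookup for $Zone failed: $($_.Exception.Message)"
    }
    [pscustomobject]@{
        Zone = $Zone; MasterReachable = $ping
        ZoneType = if ($zoneInfo) { $zoneInfo.ZoneType } else { 'missing' }
        DomainControllers = $dcs -join ', '
        ReadyForTrust = ($ping -and $dcs.Count -gt 0)
    }
}

foreach ($p in $peers) { Add-PeerSecondaryZone @p }
Start-Sleep -Seconds 10   # give the initial zone transfer time to finish
"Local forest functional level: $((Get-ADForest).ForestMode)"
$report = foreach ($p in $peers) { Test-PeerForestDns @p }
$report | Format-Table -AutoSize
```

If ZoneType shows Secondary but no domain controllers resolve, check the Zone Transfers tab of the zone on the master server. Allowing transfers only to the named peer DNS servers keeps the zone contents from being copied by arbitrary hosts.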


