TRUST RELATIONSHIP
Pre-requisites: Before working on this lab, you must have
1. A computer running Windows Server 2012Domain Controller for MICROSOFT.COM.
2. A computer running Windows Server 2012 Domain Controller for IBM.COM.
Domain:MICROSOFT.COM
Domain:IBM.COM
SYS1
Domain Controller-MICROSOFT.COM
IP Address 10.0.0.1
Subnet Mask 255.0.0.0
Preferred DNS 10.0.0.1
Alternate DNS 10.0.0.2
SYS2
Domain Controller-IBM.COM
IP Address 10.0.0.2
Subnet Mask 255.0.0.0
Preferred DNS 10.0.0.2
Alternate DNS 10.0.0.1
1. Go to Active Directory Domains and Trusts,
2. Right click the Domain name and select Properties.
3. Verify Domain and Forest functional level to be Windows Server 2012.
4. Select Trusts tab,Click New Trust.
5. On Welcome wizard, click Next.
6. In Trust Name,enter name of other ForestIBM.COM and click Next.
7. Select Forest trust and click Next
8. Select Two-way and click Next.
9. Select Both this domain and the specified domain and click Next.
10. Enter Administrator and Password of Specified domain:IBM.COM and click Next
11. Select Forest-wide authentication for Local Forest and click Next.
12. Select Forest-wide authentication for Specified Forest and click Next.
13. Verify the Trust Selections and click Next.
14. Verify the Summary and click Next.
15. Select Yes, confirm the outgoing trust and click Next.
16. Select Yes, confirm the incoming trust and click Next.
17. Click Finish.
18. Check Outgoing and Incoming Trusts and click OK.
Verification:
1. Try to Logon on to MICROSOFT.COM domain computers or IBM.COM domain computers as other Domain Users.
Note:By default Users cannot log on to D.C.
2. Log in as MICROSOFTAdministrator to MICROSOFT.COM D.C and allow IBM users to log on to D.C using Domain Controller Security Policy in Group Policy Management.(Allow Logon Locally Policy)
3. Similarly allow MICROSOFT.COM users to log on to IBM.COM D.C using Domain Controller Security Policy of IBM.COM D.C.
Pre-requisites: Before working on this lab, you must have
1. A computer running Windows Server 2012Domain Controller for MICROSOFT.COM.
2. A computer running Windows Server 2012 Domain Controller for IBM.COM.
Domain:MICROSOFT.COM
Domain:IBM.COM
SYS1
Domain Controller-MICROSOFT.COM
IP Address 10.0.0.1
Subnet Mask 255.0.0.0
Preferred DNS 10.0.0.1
Alternate DNS 10.0.0.2
SYS2
Domain Controller-IBM.COM
IP Address 10.0.0.2
Subnet Mask 255.0.0.0
Preferred DNS 10.0.0.2
Alternate DNS 10.0.0.1
1. Go to Active Directory Domains and Trusts,
2. Right click the Domain name and select Properties.
3. Verify Domain and Forest functional level to be Windows Server 2012.
4. Select Trusts tab,Click New Trust.
5. On Welcome wizard, click Next.
6. In Trust Name,enter name of other ForestIBM.COM and click Next.
7. Select Forest trust and click Next
8. Select Two-way and click Next.
9. Select Both this domain and the specified domain and click Next.
10. Enter Administrator and Password of Specified domain:IBM.COM and click Next
11. Select Forest-wide authentication for Local Forest and click Next.
12. Select Forest-wide authentication for Specified Forest and click Next.
13. Verify the Trust Selections and click Next.
14. Verify the Summary and click Next.
15. Select Yes, confirm the outgoing trust and click Next.
16. Select Yes, confirm the incoming trust and click Next.
17. Click Finish.
18. Check Outgoing and Incoming Trusts and click OK.
Verification:
1. Try to Logon on to MICROSOFT.COM domain computers or IBM.COM domain computers as other Domain Users.
Note:By default Users cannot log on to D.C.
2. Log in as MICROSOFTAdministrator to MICROSOFT.COM D.C and allow IBM users to log on to D.C using Domain Controller Security Policy in Group Policy Management.(Allow Logon Locally Policy)
3. Similarly allow MICROSOFT.COM users to log on to IBM.COM D.C using Domain Controller Security Policy of IBM.COM D.C.
Comments
Post a Comment