Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

How to establish a trust relationship between two different forest root domains

2025-04-05 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Share

Shulou(Shulou.com)06/03 Report--

How to establish a trust relationship between two different forest root domains

Label: Zhang Zhaosen

Step: IP address of DC: 192.168.1.1 (DC1)

Domain name: benet.com

2. The IP address of another forest root domain: 192.168.1.2 (DC2)

DNS don't point to the main DC, because it has nothing to do with the main DC.

3. Install DC

4. Create a transponder

5. Establish a relationship of trust

The steps of the experiment:

1. Install DC and choose to create a new domain tree in the new forest.

2. Enter the domain name of the new domain here

3. the choice of forest function is the highest.

4. Choose the next step here until this appears.

A hint, the choice here is

Still choose yes until it shows up here.

Enter the password. The password here is that you mistakenly deleted the data on DC.

The password used to restore

6. Check "restart the computer after completion" and wait for the installation to complete.

7. Start working as a transponder. Open DNS first.

8. Right-click the server and select "Properties"

9. Select "transponder" and select "Edit"

10. Enter the IP address of the DC to be connected here, as follows:

That's the IP address of DC2: 192.168.1.2

11. Do the same steps in another forest root domain, but

The transponder points to the main DC, the IP address of DC1: 192.168.1.1

That is, DC1 points to DC2's IP address.

And DC2 points to the IP address of DC1

Type cmd first, and then go to ping the domain name to see if ping is connected.

13. Prove that you can communicate with ping here, and then do the trust relationship.

14. Open the AD user and computer on the main DC

15. Right-click the domain name and select "Properties"

16. Choose trust when you choose to create a new trust relationship

17. Enter the domain name to be trusted here: that is, the domain name of DC2 (accp.com)

18. the two-way here means that both sides can access each other.

One-way introversion: a domain that I can access, but no other domain can access me

One-way gossip: other domains can access me, but I can't access other domains

Choose according to job requirements

19. Choose the second item here

20. Enter the administrator and password of the trusted domain here

21. Choose the second item here

22. Choose Yes to send information to the domain you want to trust

23. Here is also the click Yes

24. Click finish.

25. Now two different forest root domains can access each other.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Servers

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report