Hi,
We have a customer that we have setup a one way external selective trust to. We have a VPN tunnel setup between us and them. We have 2 RODCs setup on our side for them that are in their domain. These RODCs can talk to their RWDCs and our RWDCs. We are not able to validate the trust unless our RWDC has a path back to their RWDC.
Can you not validate a trust against an RODC? Doesn't the RODC forward the request back to the RWDCs? We dont see any errors indicating what the issue is, just that there are no AD DCs available for the domain.
Yes all ports are open that are necessary. It just won't work unless our RWDCs can talk to their RWDCs.
Thanks.