Hi All,
I am in the process of creating trusts between the ADMIN domain and more than 20 staging domains (domains in different forests). The domains are divided by a firewall and all required ports were open (the same rules were added for all the BPOADMIN-STAGING connections). I want to allow ADMIN domain users to log in to the STAGING domains. Before adding the trust I created a STUB zone on both domains, and I was able to resolve BPOADMIN DC names using hostname and FQDN from the STAGING DCs. I created an INCOMING forest transitive trust on the BPOADMIN domain. In the first 5 domains everything went smoothly: trust creation was successful, and I was able to authenticate and add "bpoadmin\domain admins" to the builtin local administrators group on the staging DC.
Unfortunately I have a weird problem with random domains... I am using the same procedure in all cases. The trust was created successfully but I am not able to add "bpoadmin\domain admins" to the builtin local administrators group. I am receiving the alert below: "the active directory domain controllers required to find the selected objects..."
Additionally, even if the TRUST has a successful state, I am not able to open, for example, CMD using ADMIN domain credentials.
'STATUS OF THE NAMES ASSOCIATED WITH THE TRUST
List of domain trusts:
0: BPOADMIN ...... (NT 5) (Direct Outbound) ( Attr: 0x8 )
1: staging.... (NT 5) (Forest Tree Root) (Primary Domain) (Native)
The command completed successfully
============
netdom verify stagingDC /domain:bpoadmin....
The secure channel from stagingDC to the domain BPOADMIN has been verified. The connection is with the machine \\dc.BPOADMIN