Hi,
I have an issue whereby I create a forest trust using PowerShell and .NET (https://docs.microsoft.com/en-us/dotnet/api/system.directoryservices.activedirectory.forest?view=netframework-4.7.2) but I cannot use that trust for a period of up to 18 minutes (so far as I have found)
I have 2 domain controllers in one forest and 1 domain controller in another forest. I create the trust and event id 4706 (trust created) get's created on a domain controller (not the pdc). Up to 18 minutes later event id 4865 (trust updated) gets created twice on the PDC and only then can I use the trust (as in add users from one forest into groups in another forest).
I have run the verify command on both sides without any luck.
If the event id 4706 gets created on the PDC then all works fine.
replsummary and dcdiag do not pick up any issues
Any help would be greatly appreciated... am pulling what little hair I have left out on this one
Shane