Parent - Child Domain Trust Relationship - Cannot modify trust

Tutorials Win: Microsoft Windows Forum

Hello,

I am not able to modify my trust relationship between a child and parent
domain. AD Domains and Trusts setup a two-way Transitive trust - shortcut
relationship. I do not want the parent domain trust the child, I do not want
users in the child domain to have access to the parent (one-way trust), but
the Remove button is grey out and I cann't add a trust because one already
exits. There appears to be no option to modify the settings.

Second, I attempted three times to create this child domain using Microsoft
Docs, it never worked. It doesn't create the child domain zone file, Even
though the DNS test during the Child's dcpromo tested good.

http://technet2.microsoft.com/windowsserver/en/library/e3f241b5-82a0-4c24-a56a-bfc00ce1b5c21033.mspx?mfr=true

After the child domain was created, replication failed due to DNS failure. I
ended up manually configuring DNS an setup the Child with DNS delegation. I
assume this the only way it will work? I don't know if the problems are
related to modifing my trust relationship now. My DNS and DS error event logs
went away.
http://support.microsoft.com/kb/255248

Thank you for your help. Don
Top

RE: Parent - Child Domain Trust Relationship - Cannot modify trust by DonB

DonB
Tue Mar 25 10:41:01 PDT 2008

I'm an idiot...

I found that a parent/child trust relationship is implicity established and
is not configurable.

I do have a question, Is there a document on exactly how to configue the
child DNS zone file on the parent DNS server should be configured before
adding a child domain? It doesn't appear that the zone file is created
during dcpromo and has to be manually created after dcpromo completes and use
DNS delegation.


"Don B." wrote:

> Hello,
>
> I am not able to modify my trust relationship between a child and parent
> domain. AD Domains and Trusts setup a two-way Transitive trust - shortcut
> relationship. I do not want the parent domain trust the child, I do not want
> users in the child domain to have access to the parent (one-way trust), but
> the Remove button is grey out and I cann't add a trust because one already
> exits. There appears to be no option to modify the settings.
>
> Second, I attempted three times to create this child domain using Microsoft
> Docs, it never worked. It doesn't create the child domain zone file, Even
> though the DNS test during the Child's dcpromo tested good.
>
> http://technet2.microsoft.com/windowsserver/en/library/e3f241b5-82a0-4c24-a56a-bfc00ce1b5c21033.mspx?mfr=true
>
> After the child domain was created, replication failed due to DNS failure. I
> ended up manually configuring DNS an setup the Child with DNS delegation. I
> assume this the only way it will work? I don't know if the problems are
> related to modifing my trust relationship now. My DNS and DS error event logs
> went away.
> http://support.microsoft.com/kb/255248
>
> Thank you for your help. Don
Top