
Unable to verify domain trust on one side of the trust (not all DCs can ping) HELP!!


Here's a great one for the experts!!

Main Site LC Domain

LCDC1, LCDC2, LCDC3

Remote Site LC Domain

LCDC4

Newly Purchased Company NA Domain

NADC1, NADC2, NADC3

We have established comms between LC and NA sites but the issue is that LCDC1, 2 & 3 are on a subnet we are unable to route to NA.  The only domain controller able to communicate with NA is at a remote site, LCDC4.  DNS (conditional forwarders) is up and working.  Servers in all three locations can talk to each other (apart from LCDC1, 2, 3).  DNS resolves to the correct IP but obviously due to network comms they don't respond.

Therefore I have logged into LCDC4 and established a one way external trust to NA.  Everything worked to a point.  I was able to validate the trust on NADC1 but not on LCDC4.  The error coming back is 'The secure channel (SC) reset on domain controller.  LCDC1 There are currently no logon servers to service this request'.

Looks to me like LCDC1 is trying to validate the trust with NA site.  Can I force trust comms only between LCDC4 and NA site?  I've read a great blog post where someone had something similar but our setup only has LC and NA domains.

A one-way trust is all that's required.  We just need to provide NA with LC resources.  Currently I can log in to an LC domain controller and see NA accounts so I can add to AD groups.  I'm just worried that because LC can't verify, something might go wrong in the future.

Please help!

