RE: Trust relationship

• From: David Dellanno <david@xxxxxxxxxx>
• To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
• Date: Fri, 17 Aug 2001 17:16:11 -0400

Hi Teresa,
        You have the option to add a stronger security using the
trust-relationship, I had a discussion with a Microsoft Consultant about
this was not necessary since you are provided with the security and
centralized database of Active Directory.  The trust-relationship setup is
the same as for NT4.0 there isn't any changes.  Once you have established
the trust, you need to move the Global Group from the User Account Domain to
the Local Group of the Resource Domain (ISA Member Server).  Verify that you
can resolve the NetBIOS name of both domains.

Old-proxy notes
·       In multiple Windows NT domain environments, there are cases in which
internet users can access Proxy Server,  In this environment you may
consider setting up the Proxy server as a primary domain controller (PDC)
with its own domain with a single one-way trust relationship to another
domain on your private network.  In this relationship, the domain used for
Proxy Server is the trusting domain and another internal domain is specified
as the trusted domain.-----Original Message-----
From: Theresa Call [mailto:tcall@xxxxxxxxxxxxxx]
Sent: Friday, August 17, 2001 4:19 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Trust relationship


http://www.ISAserver.org


For added security I have set up our ISA server in a seperate forest from
the other domains on the network.  According to the Shinder "ISA bible" I
will need to set up a one-way trust relationship with the ISA domain
trusting the domain where the user and client computer accounts are
located.

How specifically do I accomplish this?  When I establish a trust either
direction the user domain verifies that all is ok, but the ISA domain
comes back with an error that it can't find the RPC on the Primary Domain
Controller.  I've checked the services running on both domains and RPC
appears to be functioning.

Detailed help will be very much appreciated.

Thanks!
Theresa

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
david@xxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » Trust relationship
• » RE: Trust relationship
• » RE: Trust relationship
• » RE: Trust relationship
• » RE: Trust relationship

1. Home
2. isalist
3. Archive
4. 08-2001

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---