I have two separate domains that I need each users to authenticate in each domain (for Symantec reasons) so I have created a forest trust between them and seem to be missing a step somewhere along the line.
I have domain1.local (win2k8 R2) and domain2.local (Win2012R2) the steps I have taken so far are:
Created DNS forward zones on each domain and able to see each other when I run an NSlookup
Created the forest trust on both domains and confirmed this by a NLTEST /DOMAIN_TRUSTS and I have created a folder on domain2 and able to give permissions to individual users in domain1 but when doing the reverse I able to only see users such as Console Logon, Creator Owner etc and not individual network users.
I also need to create a Domain Local Security group in Domian1 and add users from Domain2, when I do this I get an error of ‘The System detected a possible attempt to compromise security’
And help and advice would be greatly appreciated