none
Unable to access tree domain from root domain in a single forest

    Question

  • Hi everyone,

    I have two domains, a root domain (yourdomain.com) and tree domain (ourtreedomain.com) in a single forest in my test environment. I want to migrate objects from tree domain to root domain. For this, it is necessary that the domains should be accessible from both sides. But I am unable to access tree domain from root domain (However, I can access root domain from tree domain).

    What could be the issue? A tree-root trust is automatically established during deployment and I can see the tree domain (ourtreedomain.com) in domain and trust snap-in of yourdomain.com.

    Earlier in my setup, there was no issue between child domain and root domain in same forest. Attached figures will make you clear about how both domains are deployed in forest. 

    Thank you,
    Karim


    Tuesday, April 25, 2017 3:51 PM

Answers

  • Hi Karim,
    Please check what DNS address  the DC in the child domain is pointing to.
    If the DC in this root domain is installed as DNS, i would suggest you point the DNS address of child domain into IP adress of DC in the root domain.
    in addition, please check if the time in the child domain is synced correctly with root domain.

    Best regards,
    Wendy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com


    Sunday, April 30, 2017 2:44 AM
    Moderator

All replies

  • > Earlier in my setup, there was no issue between child domain and root domain in same forest. Attached figures will make you clear about how both domains are deployed in forest.

    Make sure the domain is resolvable, all DCs are resolvable, and all required ports are open. Especially 389,135.

    Tuesday, April 25, 2017 3:57 PM
  • Hi Martin,

    Thank you for your reply,

    Firewall is turned off and I am unable to resolve the domain which is the actual problem,

    Do you have any idea?

    Karim

    Tuesday, April 25, 2017 4:35 PM
  • Hi Karim,
    Please check what DNS address  the DC in the child domain is pointing to.
    If the DC in this root domain is installed as DNS, i would suggest you point the DNS address of child domain into IP adress of DC in the root domain.
    in addition, please check if the time in the child domain is synced correctly with root domain.

    Best regards,
    Wendy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com


    Sunday, April 30, 2017 2:44 AM
    Moderator
  • Hi Wendy,

    Yes, there was DNS connectivity problem and I have resolved.

    Thank you,

    Karim

    Sunday, April 30, 2017 1:18 PM