none
RDS 2016 farm - two forests with one way trust and PAM (MIM) RRS feed

  • Question

  • Hi, I have set up RDS 2016 farm in forest A (2 WA, 2 CB and 2 SH servers). Having done that, session host sitting in other forest B was added to the RDS farm. There are two collections, one with apps published on 2 SH servers in forest A and the other one with apps published on SH in forest B. Adding SH from forest B and collection creation/app publishing on it were done with TWO-WAY trust between forest A and forest B.

    Having removed trust (forest A trusts forest B) leaving me with ONE-WAY trust I can access applications published on SH in forest B by using PAM request and proper rights were passed through. Problem is that now, with one-way trust in place, I can not publish new apps on SH in forest B neither with GUI or PowerShell.

    

    Since this RDS farm is part of Active Directory Red Forest design (ESAE) having two-way trust between forest(s) defies purpose of whole project. Is there any solution for this or only way to publish new apps on SH in forest B is to temporarily recreate other trust direction (forest A trusts forest B) which would certainly be turned down?

    Thanks in advance!

    • Edited by BoxiKG Friday, July 19, 2019 10:25 AM
    Friday, July 19, 2019 10:13 AM

All replies