/
Getting Started with Campus AD

Getting Started with Campus AD

Owned by Sam Hunter
Last updated: Mar 18, 2022 by John Echeveste (Unlicensed)
1 min read

One-Way Trust Prerequisites: https://docs.google.com/document/d/1pMXxk6xyZykbab2n5oDhp9mMXa_ygGMrrhuNveu703Q/edit

  1. Domain name

  2. Department name

  3. Domain contact

  4. DNS server type (Windows or Other)

  5. IPs for each DNS server in the department domain

ServiceNow Request Form:
Information Technology Services > Advanced Technical Services > Identity and Access > Request Inbound Trust Relationship

Preparing Department Domains to Establish Trust:

  1. Set up Firewall rules on your domain controllers using one of the following two methods:

    1. Import the premade group policy object located on the MAUG github.
      OR

    2. Create firewall rules as shown in step 2 of prerequisite document

  2. Double check UTM policies and ACLs to ensure successful connections

  3. Verify Kerberos preauthentication on users in department domain

  4. Create conditional forwarders in department domain DNS for Campus AD

  5. Verify conditional forwarders work using ping/tracert

Establish 1-Way Inbound Trust with Campus AD: https://docs.google.com/document/d/19GoWyRaJK1igMhQQzFSH2sXf8ZLvby213RuNOqRH21Y/edit

  1. Verify conditional forwarders bidirectionally

  2. Create new trust relationship in Campus AD for department domain

  3. Share initial trust password (must match on both sides)

  4. Choose selective auth vs. forest wide authentication https://social.technet.microsoft.com/wiki/contents/articles/50969.active-directory-forest-trust-attention-points.aspx

  5. Test Campus AD user authentication in department domain

Related content

About Campus Active Directory (AD)
About Campus Active Directory (AD)
Microsoft Administrators User Group
More like this
Selective Auth Trusts - How to Limit Access
Selective Auth Trusts - How to Limit Access
Microsoft Administrators User Group
More like this