1- Create DNS stubzone for each other domains or set up conditional forwarding.
- – New Zone on DNS – Choose stub zone
- – To all DNS servers running on domain controllers in this domain/forest
- – Zone name should be called domain name of other domain
- – Type in a DNS server in the other domain
- – Click on stub zone and select transfer from master
- – Refresh stub zone and you should now see the other DNS zone
2- Create the one way trust
- – One-Way outgoing on domain with resources that need to be accessed (contoso.com)
- – External
- – One way outgoing
- – This domain only
- – Selective Authentication
- – Trust password
- – Don’t confirm trust
- – One-way incoming on domain with the user accounts that need access (fabrikam.com)
- – External
- – One Way incoming
- – this domain only
- – Enter trust password
- – Confirm the Trust with contoso.com admin account
- – Confirm the outgoing trust on contoso.com
3- Create Global security group on fabrikam.com for users that need access to contoso.com
4- On contoso.com add fabrikam.com user group to computers security permissions
5- Give Permission that allow authentication(Check Allowed to authenticate on security of the object they need access to)