Hello group, We have two forests in our network running Windows server 2003 that I'm trying to establish a two-way trust relationship between. Previously, we had tried this, but ran into problems with users getting locked out on our 'main' forest (we found that it would happen when users tried to login to webmail--Exchange 2003, which is on our 'main' forest). Users on our network have user objects on both Windows Forests/Domains, which we'd like to eliminate. In someone, the dual user accounts I'm sure is what led to issues with account lockouts. Since the 'secondary' domain is critical to our daily operation, we absolutely can not have any downtime. Any thoughts would be greatly welcomed! Chris

Hi Chris, Can you try to validate the forest trust from domain and trusts? U can try to recreate the trust and make sure routes are setup between subnets. MCTS...

Hi Marius, I've since removed the trust that I had established.

Users on our network have user objects on both Windows Forests/Domains, which we'd like to eliminate. Hi, If so, you need to export user objects from both domains for comparing. You can use LDIFDE to export the user objects. For the detailed information, please refer to the following Microsoft TechNet article: Step-by-Step Guide to Bulk Import and Export to Active Directory http://technet.microsoft.com/en-us/library/bb727091.aspx Regards, Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.