How to configure a one way trust in Server 2019

Step 1 – configure DNS on domain 1 so it can find domain 2.
1. Open DNS Manager on domain1 and create a forward lookup zone.
2. Right click Forward Lookup Zone and choose New Zone – Next – Stub zone.
3. To all DNS servers in this DOMAIN – next – Zone name:  domain2.com – next.
4. Enter the IP address of the dns server for the trusted domain (domain2) then enter for it to resolve – Next – Finish.
5. Open command prompt and ping new stub zone “ping domain2.com” and verify reply.

Step 2 – configure DNS on domain 2 so it can find domain 1.
1. Open DNS Manager on domain2.com and create a forward lookup zone.
2. Right click Forward Lookup Zone and choose New Zone – Next – Stub zone.
3. To all DNS servers in this DOMAIN – next – Zone name:  domain1.com – next.
4. Enter the IP address of the dns server (domain1) for the trusted domain then enter for it to resolve – Next – Finish.
5. Open command prompt and ping new stub zone “ping domain1.com” and verify reply.

Step 3 – Configure trust on Domain 1.
1. Open Server Manager – AD DS – AD Domains and Trusts.
2. Right click domain1.com – properties – Trusts tab – Click New Trust…
3. Choose a name for the trust (I use the domain name I’m allowing access) – Next.
4. Choose appropriate Trust Type (External in my example) – Next.
5. Choose your desired direction. In this video I’m setting up a One-way: outgoing. This allows the door to domain 1 to open out so that the other domain2 can come in. Users in domain 2 can authenticate and log in to domain 1.
6. Choose Sides of Trust. This domain only.
7. Choose Outgoing Trust Authentication Level – Domain wide is easier as it allows all workstation log ins. 
Selective authentication – you will need to grant access to each server or workstation or use groups. I’m using Selective authentication for this video.
8. Create a trust password – Next. Review summary – Next – Next.
9. Confirm if the other side has already been created – this video – no – Finish.

Step 4 – Configure trust on Domain 2.
1. Open Server Manager – AD DS – AD Domains and Trusts.
2. Right click domain2.com – properties – Trusts tab – Click New Trust…
3. Choose a name for the trust (I use the domain name I will access) – Next. 4. Choose appropriate Trust Type (External in my example) – Next.
5. Choose your desired direction. In this part I’m creating a One-way: incoming.
6. Choose Sides of Trust. This domain only.
7. Enter same password you created in previous trust creation.
8. Review summary – Next – Next
9. Confirm Incoming Trust if you want. Next – Finish!

How to map Google Drive in Windows

Steps:

1. Download and install Google Filestream.

2. Sign in with your Google account that has access to the drive you want to mount.

3. Open file explorer to access your newly connected Google drive. 

To disconnect Google Drive mapping or to switch accounts: 

1. Open Filestream in the system tray / taskbar area of Windows

2. Right click it -> Gear icon -> preferences -> switch or disconnect account

How to make a password reset website for AD users Windows Server 2012r2

In the past, you could use the IISADMPWD to make a website for your Active Directory users to change passwords.  That functionally is no more with Server 2012 and higher.  At the time – we didn’t have the funds to buy a password reset solution for our department so I found another way.  Using remote desktop services – RD Web Access you can accomplish the same thing for free.  Below is my tutorial on how to do this.

Windows Server Active Directory users password change website: