How to configure a one way trust in Server 2019

Step 1 – configure DNS on domain 1 so it can find domain 2.
1. Open DNS Manager on domain1 and create a forward lookup zone.
2. Right click Forward Lookup Zone and choose New Zone – Next – Stub zone.
3. To all DNS servers in this DOMAIN – next – Zone name:  domain2.com – next.
4. Enter the IP address of the dns server for the trusted domain (domain2) then enter for it to resolve – Next – Finish.
5. Open command prompt and ping new stub zone “ping domain2.com” and verify reply.

Step 2 – configure DNS on domain 2 so it can find domain 1.
1. Open DNS Manager on domain2.com and create a forward lookup zone.
2. Right click Forward Lookup Zone and choose New Zone – Next – Stub zone.
3. To all DNS servers in this DOMAIN – next – Zone name:  domain1.com – next.
4. Enter the IP address of the dns server (domain1) for the trusted domain then enter for it to resolve – Next – Finish.
5. Open command prompt and ping new stub zone “ping domain1.com” and verify reply.

Step 3 – Configure trust on Domain 1.
1. Open Server Manager – AD DS – AD Domains and Trusts.
2. Right click domain1.com – properties – Trusts tab – Click New Trust…
3. Choose a name for the trust (I use the domain name I’m allowing access) – Next.
4. Choose appropriate Trust Type (External in my example) – Next.
5. Choose your desired direction. In this video I’m setting up a One-way: outgoing. This allows the door to domain 1 to open out so that the other domain2 can come in. Users in domain 2 can authenticate and log in to domain 1.
6. Choose Sides of Trust. This domain only.
7. Choose Outgoing Trust Authentication Level – Domain wide is easier as it allows all workstation log ins. 
Selective authentication – you will need to grant access to each server or workstation or use groups. I’m using Selective authentication for this video.
8. Create a trust password – Next. Review summary – Next – Next.
9. Confirm if the other side has already been created – this video – no – Finish.

Step 4 – Configure trust on Domain 2.
1. Open Server Manager – AD DS – AD Domains and Trusts.
2. Right click domain2.com – properties – Trusts tab – Click New Trust…
3. Choose a name for the trust (I use the domain name I will access) – Next. 4. Choose appropriate Trust Type (External in my example) – Next.
5. Choose your desired direction. In this part I’m creating a One-way: incoming.
6. Choose Sides of Trust. This domain only.
7. Enter same password you created in previous trust creation.
8. Review summary – Next – Next
9. Confirm Incoming Trust if you want. Next – Finish!