Validate a trust

  • Article

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

You can validate all trusts that are made between domains, but you cannot validate realm trusts.

You can validate a trust by using the New Trust Wizard in Active Directory Domains and Trusts or by using the Netdom command-line tool. For more information about how to use the Netdom command-line tool to create a realm trust, see "Netdom.exe: Windows Domain Manager" in the Windows Server 2003 Technical Reference on the Microsoft Web site (https://go.microsoft.com/fwlink/?LinkId=41700).

Administrative credentials

To complete this procedure, you must be a member of the Domain Admins group or the Enterprise Admins group in Active Directory.

To validate a trust

  • Using the Windows interface

  • Using the command line

Using the Windows interface

  1. Open Active Directory Domains and Trusts.

  2. In the console tree, right-click the domain that contains the trust that you want to validate, and then click Properties.

  3. On the Trusts tab, under either Domains trusted by this domain (outgoing trusts) or Domains that trust this domain (incoming trusts), click the trust to be validated, and then click Properties.

  4. Click Validate.

  5. Do one of the following, and then click OK:

    • Click No, do not validate the incoming trust.

      If you click this option, it is recommended that you repeat this procedure for the reciprocal domain.

    • Click Yes, validate the incoming trust.

      If you click this option, you must type a user account and password with administrative credentials for the reciprocal domain.

Using the command line

  1. Open a Command Prompt.

  2. Type the following command, and then press ENTER:

    netdom trust TrustingDomainName **/d:**TrustedDomainName /verify

    Term Definition

    TrustingDomainName

    Specifies the Domain Name System (DNS) name (or network basic input/output system (NetBIOS) name) of the trusting domain in the trust that is being created.

    TrustedDomainName

    Specifies the DNS name (or NetBIOS name) of the domain that will be trusted in the trust that is being created.