diff --git a/src/tests/system/mhc.yaml b/src/tests/system/mhc.yaml
index 0f93ff2df7e..1abbce72241 100644
--- a/src/tests/system/mhc.yaml
+++ b/src/tests/system/mhc.yaml
@@ -69,3 +69,13 @@ domains:
         krb5_server: kdc.test
         krb5_kpasswd: kdc.test
         krb5_realm: TEST
+
+- id: ipa2
+  hosts:
+  - hostname: master2.ipa2.test
+    role: ipa
+    config:
+      client:
+        ipa_domain: ipa2.test
+        krb5_keytab: /enrollment/ipa2.test.keytab
+        ldap_krb5_keytab: /enrollment/ipa2.test.keytab
\ No newline at end of file
diff --git a/src/tests/system/tests/test_ipa_trusts.py b/src/tests/system/tests/test_ipa_trusts.py
index 88de9bdf574..f56c9f8adb3 100644
--- a/src/tests/system/tests/test_ipa_trusts.py
+++ b/src/tests/system/tests/test_ipa_trusts.py
@@ -7,14 +7,15 @@
 from __future__ import annotations
 
 import pytest
+from sssd_test_framework.roles.client import Client
 from sssd_test_framework.roles.generic import GenericADProvider
 from sssd_test_framework.roles.ipa import IPA
-from sssd_test_framework.topology import KnownTopologyGroup
+from sssd_test_framework.topology import KnownTopology, KnownTopologyGroup
 
 
 @pytest.mark.importance("low")
 @pytest.mark.ticket(jira="RHEL-3925", gh=6942)
-@pytest.mark.topology(KnownTopologyGroup.IPATrust)
+@pytest.mark.topology(KnownTopologyGroup.IPATrustAD)
 def test_ipa_trusts__lookup_group_without_sid(ipa: IPA, trusted: GenericADProvider):
     """
     :title: Subdomain stays online if IPA group is missing SID
@@ -60,3 +61,60 @@ def test_ipa_trusts__lookup_group_without_sid(ipa: IPA, trusted: GenericADProvid
     status = ipa.sssctl.domain_status(trusted.domain, online=True)
     assert "online status: offline" not in status.stdout.lower(), "AD domain went offline!"
     assert "online status: online" in status.stdout.lower(), "AD domain was not online!"
+
+
+@pytest.mark.importance("low")
+@pytest.mark.topology(KnownTopologyGroup.AnyIPATrust)
+def test_ipa_trusts__ipa_master_lookup_trusted_user(ipa: IPA, trusted: IPA):
+    """
+    :title: Basic IPA-IPA Trust lookup on IPA server
+    :setup:
+        1. Restart SSSD and clear cache on IPA server
+    :steps:
+        1. Resolve trusted domain admin user
+    :expectedresults:
+        1. User is resolved
+    :customerscenario: True
+    """
+    ipa.sssd.clear(db=True, memcache=True, logs=True)
+    ipa.sssd.restart()
+
+    # Resolve user
+    username = trusted.admin_fqn()
+
+    id_user = ipa.tools.id(username)
+    assert id_user is not None
+    assert id_user.user.name == username
+
+
+@pytest.mark.importance("low")
+@pytest.mark.topology(KnownTopology.IPATrustIPA)
+def test_ipa_trusts__lookup_trusted_user(client: Client, ipa: IPA, trusted: IPA):
+    """
+    :title: Basic IPA-IPA Trust lookup on IPA client
+    :setup:
+        1. Restart SSSD and clear cache on IPA client
+    :steps:
+        1. Resolve trusted admin user
+        2. Resolve group "admins@trusteddomain"
+    :expectedresults:
+        1. User is resolved
+        2. Group is resolved
+    :customerscenario: True
+    """
+    client.sssd.clear(db=True, memcache=True, logs=True)
+    client.sssd.restart()
+
+    # Resolve user
+    username = trusted.admin_fqn()
+
+    id_user = client.tools.id(username)
+    assert id_user is not None
+    assert id_user.user.name == username
+
+    # Resolve group
+    groupname = trusted.fqn("admins")
+
+    getent_group = client.tools.getent.group(groupname)
+    assert getent_group is not None
+    assert getent_group.name == groupname