Solved

Trust Relationship over WAN

Posted on 1998-09-08
12
610 Views
Last Modified: 2013-12-28
We have one domain in Tel-Aviv and another one in LA,
i have to setup the trust relationship between them but when i try to add the second domain as trusted it can't find the PDC even when i made a static maping of the LA PDC in my WINS


Can anybody provide a to do list for this procedure ????
I really need it ..
Thanx
0
Comment
Question by:alexb
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
  • +2
12 Comments
 

Author Comment

by:alexb
ID: 1792349
Both sides can ping each other and both sides recieve information about the other PDC when typing "nbtstat -a PDC"

0
 
LVL 1

Expert Comment

by:derosa
ID: 1792350
Try adding the addresses to the LMHOSTS file.
c:\winnt\system32\drivers\lmhosts
example

10.0.0.0    computername        #PRE
0
 

Author Comment

by:alexb
ID: 1792351
done , but still can't find the PDC
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 
LVL 1

Expert Comment

by:derosa
ID: 1792352
The computer must be rebooted after adding the entries to the lmhosts file, or nbtstat -R   can be run from the command line to reload the netbios cache table.
0
 

Author Comment

by:alexb
ID: 1792353
Reboot done after LMHOSTS file import ....
 
0
 
LVL 1

Expert Comment

by:jkb2
ID: 1792354
A Few things to check --  (From My Enterprise Training)
   --  Only Admnistrators can setup trusts (This is a given). You must be signed on as        administrator to establish/accept a trust.
   --  The PDC's must be "free of session's". There can be no connections between the two        computers (No Shares or connections).
   --  Both Computer must have a common protocol (which I believe that you have with        TCP/IP)
 
Setup your Trusts on the Trusted side first. Then Do the Trusting Side...

Let me know if this helps. Make double sure there are no shares between the machines this is a big kicker.

0
 

Expert Comment

by:jvieira
ID: 1792355
Ok you have DomainA and DomainB.  I'm assumming you know the difference between trusting and trusted so I won't explain that.
steps:
1.  Log on as Administrator in DomainB
2.  Start User manger for domains.
3.  Choose Policies, Trust Relationships
     the Trust Relationships windows comes up
4.  Click on the  Add button next to the Trusting Domains box.
     the Add Trusting Domain window comes up
5.  Enter the name of DomainA, the initial password and confirm      password.  Hit OK
6.  Log on as Administrator in DomainA
7.  Start User manger for domains.
8.  Choose Policies, Trust Relationships
     the Trust Relationships windows comes up
9.  Click the Add button next to the Trusted Domains box.
     the Add Trusted Domain window comes up
10.  Enter DomainB and the password used in step 5.  Hit OK

This will set up a one-way trust, to set up a two way trust do the say thing but switch DomainA with DomainB and vice-versa.

Since One domain is in Tel-Aviv and one in LA I assume that two people are working on this at the same time.  You should do this over the phone at the same time.  Make sure that DomainB is set up to trust DomainA before you start up on DomainA (otherwise Domain will return an error stating that there trust relationship can not be verified at this time.

If you have any questions just ask,

Joe
0
 

Author Comment

by:alexb
ID: 1792356
Thanks but that's what i know myself , the problem is that when i try to add the second domain it cannot find it's PDC
0
 
LVL 1

Expert Comment

by:jkb2
ID: 1792357
Did you check the shares between the machines?

0
 

Author Comment

by:alexb
ID: 1792358
what shares ??? , i can map the C$ of the other domain .
0
 
LVL 1

Expert Comment

by:jkb2
ID: 1792359
You just need to be sure that there are no shared resources (ie like Mapped Drives) between the two machines. This will cause the trust to not work.

0
 
LVL 5

Accepted Solution

by:
Mujeeb082598 earned 250 total points
ID: 1792360
Hi :)

Why not use netdom (included in NT Resource Kit) utility which let u create the trust from command line by specifying the domain names and user names/ password.

This info is from Article ID: Q175025.

Suppose MYMASTERDOM is the name of the master domain (that is, the trusted  domain) and MYRESOURCEDOM the name of the resource domain (the trusting      domain) that will trust the master domain.

With NETDOM, you can build the trust relationship from the command line. To do this, perform the following steps:

        1.On the master domain, use the following command to create a resource computer account (note that this command should appear on a single line):

NETDOM /Domain:MYMASTERDOM RESOURCE MYRESOURCEDOM <trust password> /ADD

        2.On the resource domain, use the following command to establish a trust with the master domain (note that this command should appear on a single line):

NETDOM /Domain:MYRESOURCEDOM MASTER MYMASTERDOM <trust password> /TRUST

NETDOM can also build a trust relationship and complete the operations above all at once. If you have an  administrator access to the resource domain, the either of the following commands builds the trust relationship in one step (note that these commands should each appear on a single line):

  NETDOM MASTER MYMASTERDOM <trust password> /TRUST

       -or-

(If you need to enter an administrator account for the resource domain)

NETDOM /Domain:MYRESOURCEDOM /User:MYRESOURCEDOM\<administrator user>
/Password:<administrator password> MASTER MYMASTERDOM <trust password>
/TRUST


You can run the second command above from the master domain primary domain controller (PDC) or from any Windows NT computer as soon as you have an administrator access to the master domain.

For more information on the NETDOM command, refer to the Windows NT 4.0 Resource Kit documentation.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

No single Antivirus application (despite claims by manufacturers) will catch or protect you from all Virus / Malware or Spyware threats. That doesn't stop you from further protecting yourself however - and this article is to show you how.
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question