Solved

Trust Relationship over WAN

Posted on 1998-09-08
12
524 Views
Last Modified: 2013-12-28
We have one domain in Tel-Aviv and another one in LA,
i have to setup the trust relationship between them but when i try to add the second domain as trusted it can't find the PDC even when i made a static maping of the LA PDC in my WINS


Can anybody provide a to do list for this procedure ????
I really need it ..
Thanx
0
Comment
Question by:alexb
  • 5
  • 3
  • 2
  • +2
12 Comments
 

Author Comment

by:alexb
Comment Utility
Both sides can ping each other and both sides recieve information about the other PDC when typing "nbtstat -a PDC"

0
 
LVL 1

Expert Comment

by:derosa
Comment Utility
Try adding the addresses to the LMHOSTS file.
c:\winnt\system32\drivers\lmhosts
example

10.0.0.0    computername        #PRE
0
 

Author Comment

by:alexb
Comment Utility
done , but still can't find the PDC
0
 
LVL 1

Expert Comment

by:derosa
Comment Utility
The computer must be rebooted after adding the entries to the lmhosts file, or nbtstat -R   can be run from the command line to reload the netbios cache table.
0
 

Author Comment

by:alexb
Comment Utility
Reboot done after LMHOSTS file import ....
 
0
 
LVL 1

Expert Comment

by:jkb2
Comment Utility
A Few things to check --  (From My Enterprise Training)
   --  Only Admnistrators can setup trusts (This is a given). You must be signed on as        administrator to establish/accept a trust.
   --  The PDC's must be "free of session's". There can be no connections between the two        computers (No Shares or connections).
   --  Both Computer must have a common protocol (which I believe that you have with        TCP/IP)
 
Setup your Trusts on the Trusted side first. Then Do the Trusting Side...

Let me know if this helps. Make double sure there are no shares between the machines this is a big kicker.

0
Free book by J.Peter Bruzzese, Microsoft MVP

Are you using Office 365? Trying to set up email signatures but you’re struggling with transport rules and connectors? Let renowned Microsoft MVP J.Peter Bruzzese show you how in this exclusive e-book on Office 365 email signatures. Better yet, it’s free!

 

Expert Comment

by:jvieira
Comment Utility
Ok you have DomainA and DomainB.  I'm assumming you know the difference between trusting and trusted so I won't explain that.
steps:
1.  Log on as Administrator in DomainB
2.  Start User manger for domains.
3.  Choose Policies, Trust Relationships
     the Trust Relationships windows comes up
4.  Click on the  Add button next to the Trusting Domains box.
     the Add Trusting Domain window comes up
5.  Enter the name of DomainA, the initial password and confirm      password.  Hit OK
6.  Log on as Administrator in DomainA
7.  Start User manger for domains.
8.  Choose Policies, Trust Relationships
     the Trust Relationships windows comes up
9.  Click the Add button next to the Trusted Domains box.
     the Add Trusted Domain window comes up
10.  Enter DomainB and the password used in step 5.  Hit OK

This will set up a one-way trust, to set up a two way trust do the say thing but switch DomainA with DomainB and vice-versa.

Since One domain is in Tel-Aviv and one in LA I assume that two people are working on this at the same time.  You should do this over the phone at the same time.  Make sure that DomainB is set up to trust DomainA before you start up on DomainA (otherwise Domain will return an error stating that there trust relationship can not be verified at this time.

If you have any questions just ask,

Joe
0
 

Author Comment

by:alexb
Comment Utility
Thanks but that's what i know myself , the problem is that when i try to add the second domain it cannot find it's PDC
0
 
LVL 1

Expert Comment

by:jkb2
Comment Utility
Did you check the shares between the machines?

0
 

Author Comment

by:alexb
Comment Utility
what shares ??? , i can map the C$ of the other domain .
0
 
LVL 1

Expert Comment

by:jkb2
Comment Utility
You just need to be sure that there are no shared resources (ie like Mapped Drives) between the two machines. This will cause the trust to not work.

0
 
LVL 5

Accepted Solution

by:
Mujeeb082598 earned 250 total points
Comment Utility
Hi :)

Why not use netdom (included in NT Resource Kit) utility which let u create the trust from command line by specifying the domain names and user names/ password.

This info is from Article ID: Q175025.

Suppose MYMASTERDOM is the name of the master domain (that is, the trusted  domain) and MYRESOURCEDOM the name of the resource domain (the trusting      domain) that will trust the master domain.

With NETDOM, you can build the trust relationship from the command line. To do this, perform the following steps:

        1.On the master domain, use the following command to create a resource computer account (note that this command should appear on a single line):

NETDOM /Domain:MYMASTERDOM RESOURCE MYRESOURCEDOM <trust password> /ADD

        2.On the resource domain, use the following command to establish a trust with the master domain (note that this command should appear on a single line):

NETDOM /Domain:MYRESOURCEDOM MASTER MYMASTERDOM <trust password> /TRUST

NETDOM can also build a trust relationship and complete the operations above all at once. If you have an  administrator access to the resource domain, the either of the following commands builds the trust relationship in one step (note that these commands should each appear on a single line):

  NETDOM MASTER MYMASTERDOM <trust password> /TRUST

       -or-

(If you need to enter an administrator account for the resource domain)

NETDOM /Domain:MYRESOURCEDOM /User:MYRESOURCEDOM\<administrator user>
/Password:<administrator password> MASTER MYMASTERDOM <trust password>
/TRUST


You can run the second command above from the master domain primary domain controller (PDC) or from any Windows NT computer as soon as you have an administrator access to the master domain.

For more information on the NETDOM command, refer to the Windows NT 4.0 Resource Kit documentation.
0

Featured Post

Free book by J.Peter Bruzzese, Microsoft MVP

Are you using Office 365? Trying to set up email signatures but you’re struggling with transport rules and connectors? Let renowned Microsoft MVP J.Peter Bruzzese show you how in this exclusive e-book on Office 365 email signatures. Better yet, it’s free!

Join & Write a Comment

A few months ago I had an issue with LaserJet 1020 printer which was installed to XP and Windows 7.  It was installed to XP and working, but when I tried to connect from a Windows 7 PC, it would attempt connection and then fail.  Sometimes the Spool…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now