Solved

Trust Relationship over WAN

Posted on 1998-09-08
12
595 Views
Last Modified: 2013-12-28
We have one domain in Tel-Aviv and another one in LA,
i have to setup the trust relationship between them but when i try to add the second domain as trusted it can't find the PDC even when i made a static maping of the LA PDC in my WINS


Can anybody provide a to do list for this procedure ????
I really need it ..
Thanx
0
Comment
Question by:alexb
  • 5
  • 3
  • 2
  • +2
12 Comments
 

Author Comment

by:alexb
ID: 1792349
Both sides can ping each other and both sides recieve information about the other PDC when typing "nbtstat -a PDC"

0
 
LVL 1

Expert Comment

by:derosa
ID: 1792350
Try adding the addresses to the LMHOSTS file.
c:\winnt\system32\drivers\lmhosts
example

10.0.0.0    computername        #PRE
0
 

Author Comment

by:alexb
ID: 1792351
done , but still can't find the PDC
0
Create the perfect environment for any meeting

You might have a modern environment with all sorts of high-tech equipment, but what makes it worthwhile is how you seamlessly bring together the presentation with audio, video and lighting. The ATEN Control System provides integrated control and system automation.

 
LVL 1

Expert Comment

by:derosa
ID: 1792352
The computer must be rebooted after adding the entries to the lmhosts file, or nbtstat -R   can be run from the command line to reload the netbios cache table.
0
 

Author Comment

by:alexb
ID: 1792353
Reboot done after LMHOSTS file import ....
 
0
 
LVL 1

Expert Comment

by:jkb2
ID: 1792354
A Few things to check --  (From My Enterprise Training)
   --  Only Admnistrators can setup trusts (This is a given). You must be signed on as        administrator to establish/accept a trust.
   --  The PDC's must be "free of session's". There can be no connections between the two        computers (No Shares or connections).
   --  Both Computer must have a common protocol (which I believe that you have with        TCP/IP)
 
Setup your Trusts on the Trusted side first. Then Do the Trusting Side...

Let me know if this helps. Make double sure there are no shares between the machines this is a big kicker.

0
 

Expert Comment

by:jvieira
ID: 1792355
Ok you have DomainA and DomainB.  I'm assumming you know the difference between trusting and trusted so I won't explain that.
steps:
1.  Log on as Administrator in DomainB
2.  Start User manger for domains.
3.  Choose Policies, Trust Relationships
     the Trust Relationships windows comes up
4.  Click on the  Add button next to the Trusting Domains box.
     the Add Trusting Domain window comes up
5.  Enter the name of DomainA, the initial password and confirm      password.  Hit OK
6.  Log on as Administrator in DomainA
7.  Start User manger for domains.
8.  Choose Policies, Trust Relationships
     the Trust Relationships windows comes up
9.  Click the Add button next to the Trusted Domains box.
     the Add Trusted Domain window comes up
10.  Enter DomainB and the password used in step 5.  Hit OK

This will set up a one-way trust, to set up a two way trust do the say thing but switch DomainA with DomainB and vice-versa.

Since One domain is in Tel-Aviv and one in LA I assume that two people are working on this at the same time.  You should do this over the phone at the same time.  Make sure that DomainB is set up to trust DomainA before you start up on DomainA (otherwise Domain will return an error stating that there trust relationship can not be verified at this time.

If you have any questions just ask,

Joe
0
 

Author Comment

by:alexb
ID: 1792356
Thanks but that's what i know myself , the problem is that when i try to add the second domain it cannot find it's PDC
0
 
LVL 1

Expert Comment

by:jkb2
ID: 1792357
Did you check the shares between the machines?

0
 

Author Comment

by:alexb
ID: 1792358
what shares ??? , i can map the C$ of the other domain .
0
 
LVL 1

Expert Comment

by:jkb2
ID: 1792359
You just need to be sure that there are no shared resources (ie like Mapped Drives) between the two machines. This will cause the trust to not work.

0
 
LVL 5

Accepted Solution

by:
Mujeeb082598 earned 250 total points
ID: 1792360
Hi :)

Why not use netdom (included in NT Resource Kit) utility which let u create the trust from command line by specifying the domain names and user names/ password.

This info is from Article ID: Q175025.

Suppose MYMASTERDOM is the name of the master domain (that is, the trusted  domain) and MYRESOURCEDOM the name of the resource domain (the trusting      domain) that will trust the master domain.

With NETDOM, you can build the trust relationship from the command line. To do this, perform the following steps:

        1.On the master domain, use the following command to create a resource computer account (note that this command should appear on a single line):

NETDOM /Domain:MYMASTERDOM RESOURCE MYRESOURCEDOM <trust password> /ADD

        2.On the resource domain, use the following command to establish a trust with the master domain (note that this command should appear on a single line):

NETDOM /Domain:MYRESOURCEDOM MASTER MYMASTERDOM <trust password> /TRUST

NETDOM can also build a trust relationship and complete the operations above all at once. If you have an  administrator access to the resource domain, the either of the following commands builds the trust relationship in one step (note that these commands should each appear on a single line):

  NETDOM MASTER MYMASTERDOM <trust password> /TRUST

       -or-

(If you need to enter an administrator account for the resource domain)

NETDOM /Domain:MYRESOURCEDOM /User:MYRESOURCEDOM\<administrator user>
/Password:<administrator password> MASTER MYMASTERDOM <trust password>
/TRUST


You can run the second command above from the master domain primary domain controller (PDC) or from any Windows NT computer as soon as you have an administrator access to the master domain.

For more information on the NETDOM command, refer to the Windows NT 4.0 Resource Kit documentation.
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question