Solved

Trust Relationship over WAN

Posted on 1998-09-08
12
577 Views
Last Modified: 2013-12-28
We have one domain in Tel-Aviv and another one in LA,
i have to setup the trust relationship between them but when i try to add the second domain as trusted it can't find the PDC even when i made a static maping of the LA PDC in my WINS


Can anybody provide a to do list for this procedure ????
I really need it ..
Thanx
0
Comment
Question by:alexb
  • 5
  • 3
  • 2
  • +2
12 Comments
 

Author Comment

by:alexb
ID: 1792349
Both sides can ping each other and both sides recieve information about the other PDC when typing "nbtstat -a PDC"

0
 
LVL 1

Expert Comment

by:derosa
ID: 1792350
Try adding the addresses to the LMHOSTS file.
c:\winnt\system32\drivers\lmhosts
example

10.0.0.0    computername        #PRE
0
 

Author Comment

by:alexb
ID: 1792351
done , but still can't find the PDC
0
Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

 
LVL 1

Expert Comment

by:derosa
ID: 1792352
The computer must be rebooted after adding the entries to the lmhosts file, or nbtstat -R   can be run from the command line to reload the netbios cache table.
0
 

Author Comment

by:alexb
ID: 1792353
Reboot done after LMHOSTS file import ....
 
0
 
LVL 1

Expert Comment

by:jkb2
ID: 1792354
A Few things to check --  (From My Enterprise Training)
   --  Only Admnistrators can setup trusts (This is a given). You must be signed on as        administrator to establish/accept a trust.
   --  The PDC's must be "free of session's". There can be no connections between the two        computers (No Shares or connections).
   --  Both Computer must have a common protocol (which I believe that you have with        TCP/IP)
 
Setup your Trusts on the Trusted side first. Then Do the Trusting Side...

Let me know if this helps. Make double sure there are no shares between the machines this is a big kicker.

0
 

Expert Comment

by:jvieira
ID: 1792355
Ok you have DomainA and DomainB.  I'm assumming you know the difference between trusting and trusted so I won't explain that.
steps:
1.  Log on as Administrator in DomainB
2.  Start User manger for domains.
3.  Choose Policies, Trust Relationships
     the Trust Relationships windows comes up
4.  Click on the  Add button next to the Trusting Domains box.
     the Add Trusting Domain window comes up
5.  Enter the name of DomainA, the initial password and confirm      password.  Hit OK
6.  Log on as Administrator in DomainA
7.  Start User manger for domains.
8.  Choose Policies, Trust Relationships
     the Trust Relationships windows comes up
9.  Click the Add button next to the Trusted Domains box.
     the Add Trusted Domain window comes up
10.  Enter DomainB and the password used in step 5.  Hit OK

This will set up a one-way trust, to set up a two way trust do the say thing but switch DomainA with DomainB and vice-versa.

Since One domain is in Tel-Aviv and one in LA I assume that two people are working on this at the same time.  You should do this over the phone at the same time.  Make sure that DomainB is set up to trust DomainA before you start up on DomainA (otherwise Domain will return an error stating that there trust relationship can not be verified at this time.

If you have any questions just ask,

Joe
0
 

Author Comment

by:alexb
ID: 1792356
Thanks but that's what i know myself , the problem is that when i try to add the second domain it cannot find it's PDC
0
 
LVL 1

Expert Comment

by:jkb2
ID: 1792357
Did you check the shares between the machines?

0
 

Author Comment

by:alexb
ID: 1792358
what shares ??? , i can map the C$ of the other domain .
0
 
LVL 1

Expert Comment

by:jkb2
ID: 1792359
You just need to be sure that there are no shared resources (ie like Mapped Drives) between the two machines. This will cause the trust to not work.

0
 
LVL 5

Accepted Solution

by:
Mujeeb082598 earned 250 total points
ID: 1792360
Hi :)

Why not use netdom (included in NT Resource Kit) utility which let u create the trust from command line by specifying the domain names and user names/ password.

This info is from Article ID: Q175025.

Suppose MYMASTERDOM is the name of the master domain (that is, the trusted  domain) and MYRESOURCEDOM the name of the resource domain (the trusting      domain) that will trust the master domain.

With NETDOM, you can build the trust relationship from the command line. To do this, perform the following steps:

        1.On the master domain, use the following command to create a resource computer account (note that this command should appear on a single line):

NETDOM /Domain:MYMASTERDOM RESOURCE MYRESOURCEDOM <trust password> /ADD

        2.On the resource domain, use the following command to establish a trust with the master domain (note that this command should appear on a single line):

NETDOM /Domain:MYRESOURCEDOM MASTER MYMASTERDOM <trust password> /TRUST

NETDOM can also build a trust relationship and complete the operations above all at once. If you have an  administrator access to the resource domain, the either of the following commands builds the trust relationship in one step (note that these commands should each appear on a single line):

  NETDOM MASTER MYMASTERDOM <trust password> /TRUST

       -or-

(If you need to enter an administrator account for the resource domain)

NETDOM /Domain:MYRESOURCEDOM /User:MYRESOURCEDOM\<administrator user>
/Password:<administrator password> MASTER MYMASTERDOM <trust password>
/TRUST


You can run the second command above from the master domain primary domain controller (PDC) or from any Windows NT computer as soon as you have an administrator access to the master domain.

For more information on the NETDOM command, refer to the Windows NT 4.0 Resource Kit documentation.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

A Bare Metal Image backup allows for the restore of an entire system to a similar or dissimilar hardware. They are highly useful for migrations and disaster recovery. Bare Metal Image backups support Full and Incremental backups. Differential backup…
In this article, I will show you HOW TO: Perform a Physical to Virtual (P2V) Conversion the easy way from a computer backup (image).
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question