Solved

Trust Relationship - Net Use Question

Posted on 2001-08-30
11
220 Views
Last Modified: 2010-05-18
Windows 2000 - I have a user on domain "cat" that is currently visiting a field office.  This field office is on domain "dog"

cat and dog domains DO NOT have a trust relationship

I created an account for user on "dog" domain

Set WNS and DNS with both "cat" and "dog" TCP domain accounts.  Left gateway blank.

User is logged into "cat" domain and can see servers on "cat" domain.  Cannot see "dog" domain.

While I can ping "dog" domain when I go to start run
\\dog
get error that domain is locked and not accessible

Tried mapping drive to \\dog and get error "path not found"

So - tried using net use at the command line
syntax:
Y: \\dog\files /user:dog\jsmith
Get error domain not found

Is my syntax wrong?  Is it even possible to access files on a domain in which there is no trust relationship?

0
Comment
Question by:tituba2
  • 3
  • 2
  • 2
  • +3
11 Comments
 
LVL 4

Expert Comment

by:darrenburke
ID: 6441220
you left the gateway blank?  Are both domains on the same network/subnet?



0
 
LVL 10

Expert Comment

by:Longbow
ID: 6441305

Without the thrust relationship you are not known from the other domain

Use the following command

net use x: \\Server\Share * /u:domain\username
"domain" may be a computername and server an ip

Longbow

0
 
LVL 32

Expert Comment

by:jhance
ID: 6441329
You're question is all confused and I think the reason is that you don't understand the relationship between networks, domains/trusts, and network services.

I'm not even sure where to start....

1) You must have a viable PHYSICAL network connection in place.  So be sure you are plugged into an active network port.

2) You must have a viable LOGICAL network connection in place.  In this case you seems to be using (or trying to use) TCPIP.  For TCPIP to work you MUST HAVE an IP address, a network MASK, and a GATEWAY.  If you left the gateway blank then ALL HOSTS you try to contact MUST BE ON THE LOCAL SUBNET as specified by the network MASK.  It would be VERY UNUSUAL to have a blank gateway.  Once TCPIP is working correctly you should be able to PING another host by IP address.

3) You must have a working name resolution and the most common here is DNS.  You need a DNS server and you need to set that up in the network control panel.  Once that is setup you should be able to PING by NAME.

4) For Window networking to work by name you must have WINS working.  WINS is similar to DNS but is specific to Windows networking.  If you specify a host like \\hostname\sharename, you are asking WINS or an alternate Windows name resolution service to figure out who "hostname" is.  Since you mentioned WINS I'm assuming you have a WINS server and know its IP address.

5) Now you are in a position to authenticate to the domain and this is all that NT DOMAINs are responsible for.  Basically logging you in and thereby controlling access to the Domain resources.  If you have no trust between cat and dog you must JOIN the domain before you can logon to it.  Once you join dog, you are no longer a member of cat.  You can only then logon to cat if you again join cat.  You cannot be a member of more than one domain at a time.
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 4

Author Comment

by:tituba2
ID: 6442057
1.  Yes, I have a physical connection to the network
2.  Cat and Dog are on different subnets.  I tried putting their gateway and it did not make a difference
3.  I CAN ping "dog" by name and TCP.  What I cannot do is
then open folders on the dog domain
4.  WNS is working as I can ping both by name and TCP

What I cannot seem to do is join "dog" domain.


Longbow
This syntax produces error "domain not found"
0
 
LVL 32

Expert Comment

by:jhance
ID: 6442071
How are you attempting to joing the "dog" domain?

If the error is that the domain is not found then the domain is not found.  You are giving it the wrong name or in fact there is no domain by such a name.
0
 
LVL 10

Expert Comment

by:Longbow
ID: 6442338
Are your shares corrects ?
Are they not hidden ?
Have you tried "net use" with the IP server ?


maybe some help :
http://support.microsoft.com/support/kb/articles/Q102/9/08.ASP

Longbow
0
 

Expert Comment

by:msctec
ID: 6442496
Just create the trust.
0
 
LVL 4

Author Comment

by:tituba2
ID: 6442656
Can't create the trust - corporate decision.  They don't want a trust between these two domains.  They just send "visitors" here and want them to access both domains....you know the song

My shares are correct and user has permissions for the shared folder.
0
 

Accepted Solution

by:
msctec earned 200 total points
ID: 6443885
Thats the whole point of a trust. If you don't set up the trust you won't get to see the domain. You can ping it because it is just an ip address. There is no firewall blocking out pings or ip adress ranges. No trust - no access.
0
 
LVL 2

Expert Comment

by:pssiew
ID: 6444329
have you considered ftp access ?
since you can't have a trust, ftp would also work. it will be bit more admistrative work

hope this helped
0
 
LVL 10

Expert Comment

by:Longbow
ID: 6444775
tituba2,

The 1rst answer you receive already tell you you need a thrust relationship. What's wrong ?
0

Featured Post

Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
February 24, 2017 — On February 23, Travis Ormandy, a vulnerability researcher at Google, reported on Twitter (https://twitter.com/taviso/status/834900838837411840) that massive stores of data have been leaked by CloudFlare, a company that provide…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question