The trust relationship between the primary domain and the trusted domain failed. Microsoft Windows NT ID: 0xc00206fc.

I am trying to manage via the exchange administrator program, mailboxes on a EX 5.5 server running on a WIN2K machine at a small remote site.  Upon double clicking any given mailbox I recieve the following error: "The trust relationship between the primary domain and the trusted domain failed. Microsoft Windows NT ID: 0xc00206fc." After clicking ok, I get the properties pages but everything is grayed out. I have searched Google and hit one result that was pretty similar to my problem but the only solution there was a MS knowledgebase article 321165, which unfortunately did not solve the issue.

I have been previously able to complete this task and only recently started to experience the trouble. I have my main EX 5.5 site on an NT4 box and am able to manage boxes on this remote site via that machine, just not from the W2K machine. I have verified the trusts between the two domains of my main site and my remote site. I have not deleted and remade the trusts due to the fact that everything else seems to be working, (file access, printing, etc.) and that the trusts verified. Any help in the right direction is greatly appreciated.
shirelabsAsked:
Who is Participating?
 
moduloCommented:
PAQed with points refunded (500)

modulo
Community Support Moderator
0
 
jaguarpriestCommented:
This may sound dumb, but here goes. Have you thought of simply Terminal Service to that machine. FOrward port 3389 to that machine and you'll be able to simple TS to it and accomplish your tasks to that remote site.

Hope this helps as an idea for you.

Best of luck

jaguar
0
 
shirelabsAuthor Commented:
Jaguar;

This is a nice idea however, the problem exists at the machine at the remote site. (near as I can tell) As I mentioned before, I can administer the mailboxes from my main site that is on the NT4 machine so this problem is really rather more an inconvenience than a "work stoppage". Thanks for your input though.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
nbishop1979Commented:
We occasionaly get this error when managing a users mailbox, and I find the easiest thing to do is a directory export, verify the information and then import it again.
0
 
BNettles73Commented:

Did you check the remote site Exchange and make sure it can see the Administrative User or Groups at the Org > Site > Server level? If it is occurring when you open a particular mailbox there may be a problem with the SID on the NT account. If all the users are located in a different domain then there have you tried resetting the trusts between domains?

Somewhere there is a breakdown while it is trying to process the ACLs ... either the trust relationship between central and remote domain - unresolved SID at the ORG > Site > Server level ... or on the mailboxes themselves ...
0
 
BNettles73Commented:
"I have been previously able to complete this task and only recently started to experience the trouble. I have my main EX 5.5 site on an NT4 box and am able to manage boxes on this remote site via that machine, just not from the W2K machine."

- Check the Permissions at the server level on the W2K machine
- Make sure the W2K machine isn't having any issues contacting the DC
- Check your trusts from the remote site ... do those users access resources in your main site?
0
 
shirelabsAuthor Commented:
I have to this point:

1. deleted and recreated the trusts
2. checked the permissions at the server level on the w2k machine
3. Made sure there are no contact issues between the w2k machine and the PDC at the main site
4. checked the permissions at the ORG -> Site -> and Server levels of Exchange Admin as well as checking for unresolved SID's or accounts (none found)
5. Reconfirmed that the error I get only occurs when 'I try to administer any mailbox via Exchange Administrator program at the W2k domain. If I administer mailboxes on the remote site from the NT4 PDC at the main site, all is well.

I am interested in the idea that nbishop1979 mentioned regarding a directory export, verify, and import but have never done it before so I am unsure of the exact process and reprecussions. If any of you are reasonably sure that this will work to solve this issue, would one of you mind explaining a bit more in detail of how to go about this? Thanks agin for all your valuable suggestions.
0
 
BNettles73Commented:
Everytime I've ever seen this issue was when there were ACLs or messed up account names. I told him what the problem was and nbishop told him how to check it. He never responded so I assume he got it fixed, at least I hope.

Brian
0
 
Bob LearnedCommented:
Did you miss the post from shirelabs at 09/07/2004 01:17PM EDT?

"I am interested in the idea that nbishop1979 mentioned regarding a directory export, verify, and import but have never done it before so I am unsure of the exact process and reprecussions."

Bob
0
 
shirelabsAuthor Commented:
This issue has been resolved. We came to no real conclusion on the issue do to any of the suggestions here. The final solution was to completely rebuild the W2k domain and establish a new trust with the NT 4.0 Domain that was hosting the Exchange 5.5 Server.

Thank you to all who contributed potential solutions, it was unfortunate that none of them seemed to resolve our issue. Good luck to all.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.