Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

The trust relationship between the primary domain and the trusted domain failed. Microsoft Windows NT ID: 0xc00206fc.

Posted on 2004-08-10
12
Medium Priority
?
3,196 Views
Last Modified: 2008-01-09
I am trying to manage via the exchange administrator program, mailboxes on a EX 5.5 server running on a WIN2K machine at a small remote site.  Upon double clicking any given mailbox I recieve the following error: "The trust relationship between the primary domain and the trusted domain failed. Microsoft Windows NT ID: 0xc00206fc." After clicking ok, I get the properties pages but everything is grayed out. I have searched Google and hit one result that was pretty similar to my problem but the only solution there was a MS knowledgebase article 321165, which unfortunately did not solve the issue.

I have been previously able to complete this task and only recently started to experience the trouble. I have my main EX 5.5 site on an NT4 box and am able to manage boxes on this remote site via that machine, just not from the W2K machine. I have verified the trusts between the two domains of my main site and my remote site. I have not deleted and remade the trusts due to the fact that everything else seems to be working, (file access, printing, etc.) and that the trusts verified. Any help in the right direction is greatly appreciated.
0
Comment
Question by:shirelabs
12 Comments
 
LVL 7

Expert Comment

by:jaguarpriest
ID: 11764112
This may sound dumb, but here goes. Have you thought of simply Terminal Service to that machine. FOrward port 3389 to that machine and you'll be able to simple TS to it and accomplish your tasks to that remote site.

Hope this helps as an idea for you.

Best of luck

jaguar
0
 

Author Comment

by:shirelabs
ID: 11764325
Jaguar;

This is a nice idea however, the problem exists at the machine at the remote site. (near as I can tell) As I mentioned before, I can administer the mailboxes from my main site that is on the NT4 machine so this problem is really rather more an inconvenience than a "work stoppage". Thanks for your input though.
0
 
LVL 6

Expert Comment

by:nbishop1979
ID: 11765605
We occasionaly get this error when managing a users mailbox, and I find the easiest thing to do is a directory export, verify the information and then import it again.
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 12

Expert Comment

by:BNettles73
ID: 11778305

Did you check the remote site Exchange and make sure it can see the Administrative User or Groups at the Org > Site > Server level? If it is occurring when you open a particular mailbox there may be a problem with the SID on the NT account. If all the users are located in a different domain then there have you tried resetting the trusts between domains?

Somewhere there is a breakdown while it is trying to process the ACLs ... either the trust relationship between central and remote domain - unresolved SID at the ORG > Site > Server level ... or on the mailboxes themselves ...
0
 
LVL 12

Expert Comment

by:BNettles73
ID: 11778325
"I have been previously able to complete this task and only recently started to experience the trouble. I have my main EX 5.5 site on an NT4 box and am able to manage boxes on this remote site via that machine, just not from the W2K machine."

- Check the Permissions at the server level on the W2K machine
- Make sure the W2K machine isn't having any issues contacting the DC
- Check your trusts from the remote site ... do those users access resources in your main site?
0
 

Author Comment

by:shirelabs
ID: 11998904
I have to this point:

1. deleted and recreated the trusts
2. checked the permissions at the server level on the w2k machine
3. Made sure there are no contact issues between the w2k machine and the PDC at the main site
4. checked the permissions at the ORG -> Site -> and Server levels of Exchange Admin as well as checking for unresolved SID's or accounts (none found)
5. Reconfirmed that the error I get only occurs when 'I try to administer any mailbox via Exchange Administrator program at the W2k domain. If I administer mailboxes on the remote site from the NT4 PDC at the main site, all is well.

I am interested in the idea that nbishop1979 mentioned regarding a directory export, verify, and import but have never done it before so I am unsure of the exact process and reprecussions. If any of you are reasonably sure that this will work to solve this issue, would one of you mind explaining a bit more in detail of how to go about this? Thanks agin for all your valuable suggestions.
0
 
LVL 12

Expert Comment

by:BNettles73
ID: 14262722
Everytime I've ever seen this issue was when there were ACLs or messed up account names. I told him what the problem was and nbishop told him how to check it. He never responded so I assume he got it fixed, at least I hope.

Brian
0
 
LVL 96

Expert Comment

by:Bob Learned
ID: 14501255
Did you miss the post from shirelabs at 09/07/2004 01:17PM EDT?

"I am interested in the idea that nbishop1979 mentioned regarding a directory export, verify, and import but have never done it before so I am unsure of the exact process and reprecussions."

Bob
0
 

Author Comment

by:shirelabs
ID: 14531213
This issue has been resolved. We came to no real conclusion on the issue do to any of the suggestions here. The final solution was to completely rebuild the W2k domain and establish a new trust with the NT 4.0 Domain that was hosting the Exchange 5.5 Server.

Thank you to all who contributed potential solutions, it was unfortunate that none of them seemed to resolve our issue. Good luck to all.
0
 

Accepted Solution

by:
modulo earned 0 total points
ID: 14560795
PAQed with points refunded (500)

modulo
Community Support Moderator
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to effectively resolve the number one email related issue received by helpdesks.
Steps to fix error: “Couldn’t mount the database that you specified. Specified database: HU-DB; Error code: An Active Manager operation fail”
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Suggested Courses

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question