Solved

Server 2003 setting up one way trust problem -

Posted on 2006-07-11
12
1,325 Views
Last Modified: 2008-01-09
Hi

we are setting up a 1 way trust between 2 domains

when I validate the trust on the domain controller  in the trusting domain - it validates OK :)

BUT when i try to validate the trust on the domain controller in the domain to be trusted I get an error


---------------------------
Active Directory
---------------------------
Windows cannot find a domain controller for the xxxxxxx.co.uk domain. Verify that a DC is available and then try again.

I have setup each domain in my DNS so each forward lookup zone has both domains. BUT it still doesnt work
the machines can ping each other and are on the same network.

HELP! !!

0
Comment
Question by:Ken-doh
12 Comments
 
LVL 43

Expert Comment

by:Steve Knight
ID: 17081723
It needs to see the SRV records etc. in DNS, are they able to see each other's DNS completely, i.e. a secondary of the other forest's DNS or have you just created a new emptyish zone? You could probably resort to LMHOSTS entries, I've only ever done that NT4 to W2kX though not between two W2KX so not sure on that...

http://www.tek-tips.com/viewthread.cfm?qid=1226117&page=6
0
 
LVL 1

Author Comment

by:Ken-doh
ID: 17081756
yes

there is a complete secondary zone, that is exactly the same as the other in the forward lookup zone - its marked as secondary

0
 
LVL 1

Author Comment

by:Ken-doh
ID: 17081773
as were not using WINS the tek tips isnt current - thanks thou....

its got me completly baffeled..
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17082812
can you resolve the other domain controller using nslookup?
0
 
LVL 1

Author Comment

by:Ken-doh
ID: 17083005
yeah i can


however I solved the problem by adding forwarders to the other domain servers just now


:) so thats the solution

cheers thou
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 43

Expert Comment

by:Steve Knight
ID: 17083091
Probably silly question but is the dc in question pointing at itself I.e. secondary dns for dns in tcpip settings or maybe at another dc that won't have the secondary on?
0
 
LVL 1

Author Comment

by:Ken-doh
ID: 17083161
yes - its points to iteslf  - as dns server and our backup 1
0
 
LVL 1

Author Comment

by:Ken-doh
ID: 17083170
but its not got me solving my issue

i cant get IIS to write weblogs accross my trusts to my new server - despite setting null session shares and everything thing else under the sun :(
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 17084057
The backup one won't have the secondary on of course which could potentially be involved.

In any case if this is only to get logs from a to b can you not setup a script to do it hourly or whatever - you can map a drive with net use /user: in a scheduled batch file without any trusts being in place at all or setup a scheduled ftp of the logs.

Steve
0
 
LVL 1

Author Comment

by:Ken-doh
ID: 17088976
yeah....

but I have quite a few servers and I dont want to be worrying about scheduled tasks not running or problems, I have looked into null session shares as well but couldnt get that working :(
0
 
LVL 5

Accepted Solution

by:
Netminder earned 0 total points
ID: 17118395
Closed, 500 points refunded.
Netminder
Site Admin
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Nslookup is a command line driven utility supplied as part of most Windows operating systems that can reveal information related to domain names and the Internet Protocol (IP) addresses associated with them. In simple terms, it is a tool that can …
Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native V…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

27 Experts available now in Live!

Get 1:1 Help Now