Solved

Setting up a trust between two 2003 Servers

Posted on 2006-11-26
9
323 Views
Last Modified: 2011-10-03
Hi all,

I am having a problem setting up a trust relationship between two domains.  One server is running Server 2003 standard and the other one is a new server that I am setting up that came with Server 2003 R2.

When I try to setup the trusts between the two I receive a message saying that

The New Trust Wizard cannot continue becasue the specified domain cannot be contacted.

Either the domain does not exist, or network or other problems are preventing connections.

I can ping each of the servers so there is connectivity.  But I need them to be able to talk to one another.  I'm sure I am doing something stupid here, but have no clue as to what.  Any help would be greatly appreciated!
0
Comment
Question by:vbowman
  • 5
  • 4
9 Comments
 
LVL 83

Expert Comment

by:oBdA
ID: 18014699
You need a working DNS resolution between the two domains, and you need to create the trust using the domain's FQDN name.
To get this name resolution, either setup secondary forward lookup zones for the respective other domain on each DNS servers and let them replicate, or use conditional forwarding (Properties of the DNS servers, tab "Forwarders") for the respective other domain on each DNS server.
0
 

Author Comment

by:vbowman
ID: 18014955
I tried the first option you mentioned, but I get Zone not loaded by DNS Server.  I guess I missed a step.
0
 
LVL 83

Expert Comment

by:oBdA
ID: 18015055
You need to add the secondary server as name server to the properties of the zone on the DNS server that is the primary for the domain, otherwise the DNS server holding the primary zone won't allow the replication.
0
 

Author Comment

by:vbowman
ID: 18015321
I am sorry I must be dense today.  I am not sure I understand what you mean with the last entry.  I did add seconday forward lookup zones for both of the domains.  Do you mean I also need to add them in the primary zone?  If so, how do I accomplish this?  Thanks in advance!  
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 83

Expert Comment

by:oBdA
ID: 18015776
You need to register the secondary DNS servers as valid DNS servers on the zone hosting the primary zone; if the primary DNS server doesn't know the sceondary, it will refuse the replication of the zone.
Look in the properties of the zone on the primary server, there should be a tab "DNS servers", where you can define to which DNS servers can be replicated.
0
 

Author Comment

by:vbowman
ID: 18015824
Do you mean under properties of domain.local under the forward lookup zone?  Coz I do not see that tab.  Maybe I am totally in the wrong place.  All I see is Zone Transfers.

0
 
LVL 83

Accepted Solution

by:
oBdA earned 500 total points
ID: 18018061
Yes, the Zone Transfers is the one.
0
 

Author Comment

by:vbowman
ID: 18023961
That is where I did set it up.  Still no trust.  Darn, any other thoughts?
0
 

Author Comment

by:vbowman
ID: 18025290
I think I am setup!  Thanks for all your help.  You are a gem.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now