Solved

Setting up a trust between two 2003 Servers

Posted on 2006-11-26
9
327 Views
Last Modified: 2011-10-03
Hi all,

I am having a problem setting up a trust relationship between two domains.  One server is running Server 2003 standard and the other one is a new server that I am setting up that came with Server 2003 R2.

When I try to setup the trusts between the two I receive a message saying that

The New Trust Wizard cannot continue becasue the specified domain cannot be contacted.

Either the domain does not exist, or network or other problems are preventing connections.

I can ping each of the servers so there is connectivity.  But I need them to be able to talk to one another.  I'm sure I am doing something stupid here, but have no clue as to what.  Any help would be greatly appreciated!
0
Comment
Question by:vbowman
  • 5
  • 4
9 Comments
 
LVL 84

Expert Comment

by:oBdA
ID: 18014699
You need a working DNS resolution between the two domains, and you need to create the trust using the domain's FQDN name.
To get this name resolution, either setup secondary forward lookup zones for the respective other domain on each DNS servers and let them replicate, or use conditional forwarding (Properties of the DNS servers, tab "Forwarders") for the respective other domain on each DNS server.
0
 

Author Comment

by:vbowman
ID: 18014955
I tried the first option you mentioned, but I get Zone not loaded by DNS Server.  I guess I missed a step.
0
 
LVL 84

Expert Comment

by:oBdA
ID: 18015055
You need to add the secondary server as name server to the properties of the zone on the DNS server that is the primary for the domain, otherwise the DNS server holding the primary zone won't allow the replication.
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 

Author Comment

by:vbowman
ID: 18015321
I am sorry I must be dense today.  I am not sure I understand what you mean with the last entry.  I did add seconday forward lookup zones for both of the domains.  Do you mean I also need to add them in the primary zone?  If so, how do I accomplish this?  Thanks in advance!  
0
 
LVL 84

Expert Comment

by:oBdA
ID: 18015776
You need to register the secondary DNS servers as valid DNS servers on the zone hosting the primary zone; if the primary DNS server doesn't know the sceondary, it will refuse the replication of the zone.
Look in the properties of the zone on the primary server, there should be a tab "DNS servers", where you can define to which DNS servers can be replicated.
0
 

Author Comment

by:vbowman
ID: 18015824
Do you mean under properties of domain.local under the forward lookup zone?  Coz I do not see that tab.  Maybe I am totally in the wrong place.  All I see is Zone Transfers.

0
 
LVL 84

Accepted Solution

by:
oBdA earned 500 total points
ID: 18018061
Yes, the Zone Transfers is the one.
0
 

Author Comment

by:vbowman
ID: 18023961
That is where I did set it up.  Still no trust.  Darn, any other thoughts?
0
 

Author Comment

by:vbowman
ID: 18025290
I think I am setup!  Thanks for all your help.  You are a gem.
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question