Link to home
Create AccountLog in
Windows 2000

Windows 2000

--

Questions

--

Followers

Top Experts

Avatar of Ciderspine
Ciderspine

Active Directory Trusts
Hello,

Until today, all our Windows trusts were working fine. We're running in mixed mode with Tree Root and Child trusts. Now, for some unknown reason, users can only login to the domain the computer is a member of whereas before a user could select the domain from the dropdown menu, select the domain in which their account exists and they were able to login. Anyone experienced  this? I've validated the trusts and not received any errors.

Zero AI Policy

We believe in human intelligence. Our moderation policy strictly prohibits the use of LLM content in our Q&A threads.

Avatar of scuthberscuthber🇬🇧

I'd use DCDIAG on DC(s) in your domains & make sure the KnowsOfRoleHolders section passes.
Avatar of CiderspineCiderspine

ASKER

In the trusting or trusted domains?

Thanks.
ASKER CERTIFIED SOLUTION
Avatar of scuthberscuthber🇬🇧

Link to home
membership
Log in or create a free account to see answer.
Signing up is free and takes 30 seconds. No credit card required.
Create Account
Avatar of CiderspineCiderspine

ASKER

Thanks,

I've got one of the trusts to work. The remove button was greyed out so I removed it with adsiedit and recreated it. But when I try to create the trust the other way I get messages about secure channel error and domain cannot be found.

It's mixed-mode domain - W2k and NT. Does that mean that I only have to manage the trusts from the windows 2000 servers or do I still need to manage the NT trusts?
Reward 1Reward 2Reward 3Reward 4Reward 5Reward 6

EARN REWARDS FOR ASKING, ANSWERING, AND MORE.

Earn free swag for participating on the platform.

Avatar of CiderspineCiderspine

ASKER

Tried nslookup (top tip - never thought of using it to lookup service records) and the workstations/server resolved every domain.
SOLUTION
Avatar of scuthberscuthber🇬🇧

Link to home
membership
Log in or create a free account to see answer.
Signing up is free and takes 30 seconds. No credit card required.
Create Account
Avatar of scuthberscuthber🇬🇧

BTW, have you got a GC in each of your domains?
Avatar of CiderspineCiderspine

ASKER

I'm not sure. I inherited this network a few weeks ago - it's a large college network. My predecessor left no documentation and kept everyone in the dark. I would hazard a guess and say that there isn't a GC in every domain. I'll have a look. BRB
Free T-shirt

Get a FREE t-shirt when you ask your first question.

We believe in human intelligence. Our moderation policy strictly prohibits the use of LLM content in our Q&A threads.

Avatar of CiderspineCiderspine

ASKER

There isn't a GC in each domain.
Avatar of CiderspineCiderspine

ASKER

I seem to have cracked it - not sure how.
Avatar of scuthberscuthber🇬🇧

I'm glad to hear that. Thanks for the points anyway!
Reward 1Reward 2Reward 3Reward 4Reward 5Reward 6

EARN REWARDS FOR ASKING, ANSWERING, AND MORE.

Earn free swag for participating on the platform.

Avatar of CiderspineCiderspine

ASKER

You're welcome. You cleared up a lot of thing I wasn't sure about.

Thanks,
Ben
Windows 2000

Windows 2000

--

Questions

--

Followers

Top Experts

Windows 2000 is an operating system for use on both client and server computers. It is the successor to Windows NT 4.0, and is the last version of Microsoft Windows to display the "Windows NT" designation. Four editions of Windows 2000 were released (Professional, Server, Advanced Server, and Datacenter Server) that shared a core set of features, including many system utilities such as the Microsoft Management Console. All versions of the operating system support NTFS 3.0, Encrypting File System, as well as basic and dynamic disk storage. The Windows 2000 Server family includes support for Active Directory services, Distributed File System and fault-redundant storage volumes.