Solved

The local security authority is unable to obtain an RPC

Posted on 2007-03-26
1
5,132 Views
Last Modified: 2013-12-19
We are in the middle of a single forest migration, where we are consolidating 4 forests to 1. My issue is with one of the forests... It struggles to create trusts with the new forest and child domains.

The troublesome forest we can call Forest T, and the domain/forest we're trying to two way trust with A.

Both DC's in question are Windows 2003 Std Server SP2, the DC of Forest A is a R2 edition box.

Regardless of which direction i attempt to build the two trust in, I get an error stating:

"The local security authority is unable to obtain an RPC
connection to the Domain controller <REMOTE DC>."

For the record, none of the DC's in question are VM's. The VPN between the two sites is wide open, and furthermore i tested to see if I can telnet from either side on 445 135 389 and 88... and i can.

Whats the problem? Whats causing the RPC connection to fail? Any advice, comments, or ideas would be very welcome at this point.

Frustrated in Texas.

D
0
Comment
Question by:TGS-IS
1 Comment
 
LVL 28

Accepted Solution

by:
Michael Pfister earned 250 total points
ID: 18815051
Download PortQueryUI from

http://download.microsoft.com/download/3/f/4/3f4c6a54-65f0-4164-bdec-a3411ba24d3a/PortQryUI.exe

and let it run on one side and point it to server on the other side and vice versa. It tests more than a telnet can do.

If this doesn't show where the problem lies, you have to further troubleshoot it by installing a network sniffin tool on both ends, i.e. Wireshark (http://www.wireshark.org/) and check if the entire traffic is passing your VPN/routers.

0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
In-place Upgrading Dirsync to Azure AD Connect
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question