Solved

The local security authority is unable to obtain an RPC

Posted on 2007-03-26
1
5,182 Views
Last Modified: 2013-12-19
We are in the middle of a single forest migration, where we are consolidating 4 forests to 1. My issue is with one of the forests... It struggles to create trusts with the new forest and child domains.

The troublesome forest we can call Forest T, and the domain/forest we're trying to two way trust with A.

Both DC's in question are Windows 2003 Std Server SP2, the DC of Forest A is a R2 edition box.

Regardless of which direction i attempt to build the two trust in, I get an error stating:

"The local security authority is unable to obtain an RPC
connection to the Domain controller <REMOTE DC>."

For the record, none of the DC's in question are VM's. The VPN between the two sites is wide open, and furthermore i tested to see if I can telnet from either side on 445 135 389 and 88... and i can.

Whats the problem? Whats causing the RPC connection to fail? Any advice, comments, or ideas would be very welcome at this point.

Frustrated in Texas.

D
0
Comment
Question by:TGS-IS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 28

Accepted Solution

by:
Michael Pfister earned 250 total points
ID: 18815051
Download PortQueryUI from

http://download.microsoft.com/download/3/f/4/3f4c6a54-65f0-4164-bdec-a3411ba24d3a/PortQryUI.exe

and let it run on one side and point it to server on the other side and vice versa. It tests more than a telnet can do.

If this doesn't show where the problem lies, you have to further troubleshoot it by installing a network sniffin tool on both ends, i.e. Wireshark (http://www.wireshark.org/) and check if the entire traffic is passing your VPN/routers.

0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question