Solved

The local security authority is unable to obtain an RPC

Posted on 2007-03-26
1
5,107 Views
Last Modified: 2013-12-19
We are in the middle of a single forest migration, where we are consolidating 4 forests to 1. My issue is with one of the forests... It struggles to create trusts with the new forest and child domains.

The troublesome forest we can call Forest T, and the domain/forest we're trying to two way trust with A.

Both DC's in question are Windows 2003 Std Server SP2, the DC of Forest A is a R2 edition box.

Regardless of which direction i attempt to build the two trust in, I get an error stating:

"The local security authority is unable to obtain an RPC
connection to the Domain controller <REMOTE DC>."

For the record, none of the DC's in question are VM's. The VPN between the two sites is wide open, and furthermore i tested to see if I can telnet from either side on 445 135 389 and 88... and i can.

Whats the problem? Whats causing the RPC connection to fail? Any advice, comments, or ideas would be very welcome at this point.

Frustrated in Texas.

D
0
Comment
Question by:TGS-IS
1 Comment
 
LVL 28

Accepted Solution

by:
Michael Pfister earned 250 total points
ID: 18815051
Download PortQueryUI from

http://download.microsoft.com/download/3/f/4/3f4c6a54-65f0-4164-bdec-a3411ba24d3a/PortQryUI.exe

and let it run on one side and point it to server on the other side and vice versa. It tests more than a telnet can do.

If this doesn't show where the problem lies, you have to further troubleshoot it by installing a network sniffin tool on both ends, i.e. Wireshark (http://www.wireshark.org/) and check if the entire traffic is passing your VPN/routers.

0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question