Improve company productivity with a Business Account.Sign Up

x
?
Solved

Could not find domain controller for this domain - Establishing NT 4.0 - 2003 Trust

Posted on 2007-12-06
6
Medium Priority
?
1,519 Views
Last Modified: 2013-12-23
I'm trying to create a trust relationship between a Windows NT 4.0 domain and an AD Domain running on 2003 R2. The user manager tells me that it "Could not find domain controller for this domain". I've already added the lmhosts file and edited the restrictedanonmyous reg key.

Any ideas?
0
Comment
Question by:phadavid
6 Comments
 
LVL 12

Expert Comment

by:Freya28
ID: 20422596
try this and you should be good

http://support.microsoft.com/kb/178640
0
 
LVL 21

Assisted Solution

by:za_mkh
za_mkh earned 800 total points
ID: 20422866
When you say you added the LMHosts entries I am assuming you wrote them using the #PRE #DOM options for those entries. Be aware that sometimes that file is very sensitive, so ensure that you use TABS for the next column, etc.

To verify if those settings are loaded onto the computer, you can do a nbtstat -R and nbtstat -c to see if the entries are loaded. The -R is case sensitive.
0
 

Author Comment

by:phadavid
ID: 20422998
Already did the reg edit.

Also verified the lmhost entries
0
Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

 
LVL 86

Accepted Solution

by:
oBdA earned 1200 total points
ID: 20423641
A trust between relies exclusively on NetBIOS. Make sure NetBIOS over TCP/IP is enabled on the W2k3 DC.
Then you'll need inter-domain NetBIOS name resolution as well.
Yes, it can be done using lmhosts (on all DCs involved), but that requires a specially formatted lmhosts for the necesasry 1B entry.
How to Write an LMHOSTS File for Domain Validation and Other Name Resolution Issues
http://support.microsoft.com/?kbid=314108

It's easiest to do if both domains are using either the same WINS server, or if there are WINS servers in both domains with replication setup between them.
How to establish trusts with a Windows NT-based domain in Windows Server 2003
http://support.microsoft.com/?kbid=325874
0
 

Author Comment

by:phadavid
ID: 20452962
I enabled NetBIOS over TCP/IP on the Windows Server 2003 BOX running as a DC.
I am able to ping successfully to and from both DC's using ip addresses and dns names.
net view [2003DC] results in "System error 5" - Access is denied
net view [NTDC] results in "System error 1788"
 
They are both using the same WINS server.

[NTDC] is still unable to find domain.
0
 

Author Comment

by:phadavid
ID: 20454937
Ended up using a net use command on the NT DC, then establishing trust. A restart later, it did the trick. Thanks to everyone who helped!
0

Featured Post

Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Transferring FSMO roles is done when an admin wants to split roles between certain Domain Controllers or the Domain Controller holding the Roles has been forcefully demoted using dcpromo / forceremoval
I’m a fan of folder redirection, however, it does have a couple of “Gotchas!” you have to look out for.  For example, if you redirect a user’s AppData folder to a DFS namespace, shortcuts on the taskbar are no longer trusted.  Here’s how to fix that.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

608 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question