Solved

How do I re-establish a trust between two servers and how can I add a third server to the domain so it's services can be shared without duplicating user names on multiple servers?

Posted on 2008-10-10
7
205 Views
Last Modified: 2013-11-25
I have a third party company maintaining a static VPN from one main location to two other offices.  there is a 2000 or a 2003 box at each location but there is only one database server at the central location.  there are point of sale systems at each location and they all need to connect to the one database server.  it would appear that HQ has a pdc and a file server and a stand alone database server.  the file server is trusted by the pdc.  the pdc at HQ seems aware of the pdc at location A but it' is grey'd out and claims it can't connect to it.  The pdc at HQ is not aware of the pdc at location B.  never the less, the workstations at all three sites have been connecting to a share on all three servers until tonight.  Now the workstations at location B are still working and none of the ones at location A can open a share on the pdc at HQ or the stand alone server at HQ.  They can all ping each other as if they were on the same network.  HQ is 192.168.0.xxx.  location A is 192.168.10.xxx and location B is 192.168.20.xxx.  A connects through vpn to HQ and B connects through vpn to HQ but A and B are not connected to each other.
0
Comment
Question by:jglazer63
  • 4
  • 3
7 Comments
 
LVL 70

Expert Comment

by:Chris Dent
ID: 22693327

How have you configured DNS to allow each domain to resolve names within the other?

Chris
0
 

Author Comment

by:jglazer63
ID: 22693758
I am not aware of any dns server being present in that network.  I am headed there now and I will look at that too.  Isn't there a way to have a shared host file for all the workstations so these ip's and names can be already known?
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 22693766

To an extent we can use DNS for that, but to resolve by host name only each system will need a DNS suffix search list configuring.

Chris
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:jglazer63
ID: 22693783
they are already configured with a suffix.  HQ.local and A.local and B.local, if "HQ" and "A" and "B" were the actual names.
0
 

Author Comment

by:jglazer63
ID: 22694926
After restarting the servers at both ends, I can no longer use the name and when I try to open a share using the ip, I get this error message: "There are currently no logon servers available to service the logon request"...
0
 

Author Comment

by:jglazer63
ID: 22695000
If I go into the trust properties and highlight the once working trust and press the 'validate' button, I get the error message: "Windoes cannot find a domain controller for the A.local domain.  Verify that a DC is available and then try again." and this is where I'm stuck.
0
 
LVL 70

Accepted Solution

by:
Chris Dent earned 125 total points
ID: 22696831
Okay, the suffix helps the client resolve by hostname only, but it looks like we need to be checking name resolution handled by your DCs.

Presumably all clients on each side of the trust refer to their local DNS server for name resolution?

On those, what have you configured to allow the server to resolve names in the remote domain?

Chris
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

929 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now