Solved

How do I re-establish a trust between two servers and how can I add a third server to the domain so it's services can be shared without duplicating user names on multiple servers?

Posted on 2008-10-10
7
210 Views
Last Modified: 2013-11-25
I have a third party company maintaining a static VPN from one main location to two other offices.  there is a 2000 or a 2003 box at each location but there is only one database server at the central location.  there are point of sale systems at each location and they all need to connect to the one database server.  it would appear that HQ has a pdc and a file server and a stand alone database server.  the file server is trusted by the pdc.  the pdc at HQ seems aware of the pdc at location A but it' is grey'd out and claims it can't connect to it.  The pdc at HQ is not aware of the pdc at location B.  never the less, the workstations at all three sites have been connecting to a share on all three servers until tonight.  Now the workstations at location B are still working and none of the ones at location A can open a share on the pdc at HQ or the stand alone server at HQ.  They can all ping each other as if they were on the same network.  HQ is 192.168.0.xxx.  location A is 192.168.10.xxx and location B is 192.168.20.xxx.  A connects through vpn to HQ and B connects through vpn to HQ but A and B are not connected to each other.
0
Comment
Question by:jglazer63
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 71

Expert Comment

by:Chris Dent
ID: 22693327

How have you configured DNS to allow each domain to resolve names within the other?

Chris
0
 

Author Comment

by:jglazer63
ID: 22693758
I am not aware of any dns server being present in that network.  I am headed there now and I will look at that too.  Isn't there a way to have a shared host file for all the workstations so these ip's and names can be already known?
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 22693766

To an extent we can use DNS for that, but to resolve by host name only each system will need a DNS suffix search list configuring.

Chris
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 

Author Comment

by:jglazer63
ID: 22693783
they are already configured with a suffix.  HQ.local and A.local and B.local, if "HQ" and "A" and "B" were the actual names.
0
 

Author Comment

by:jglazer63
ID: 22694926
After restarting the servers at both ends, I can no longer use the name and when I try to open a share using the ip, I get this error message: "There are currently no logon servers available to service the logon request"...
0
 

Author Comment

by:jglazer63
ID: 22695000
If I go into the trust properties and highlight the once working trust and press the 'validate' button, I get the error message: "Windoes cannot find a domain controller for the A.local domain.  Verify that a DC is available and then try again." and this is where I'm stuck.
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 125 total points
ID: 22696831
Okay, the suffix helps the client resolve by hostname only, but it looks like we need to be checking name resolution handled by your DCs.

Presumably all clients on each side of the trust refer to their local DNS server for name resolution?

On those, what have you configured to allow the server to resolve names in the remote domain?

Chris
0

Featured Post

Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article explains the steps required to use the default Photos screensaver to display branding/corporate images
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question