Solved

How do I re-establish a trust between two servers, and how can I add a third server to the domain so its services can be shared without duplicating user names on multiple servers?

Posted on 2008-10-10
Last Modified: 2013-11-25
I have a third party company maintaining a static VPN from one main location to two other offices. There is a 2000 or a 2003 box at each location, but there is only one database server at the central location. There are point of sale systems at each location and they all need to connect to the one database server. It would appear that HQ has a PDC and a file server and a standalone database server. The file server is trusted by the PDC. The PDC at HQ seems aware of the PDC at location A, but it is greyed out and claims it can't connect to it. The PDC at HQ is not aware of the PDC at location B. Nevertheless, the workstations at all three sites have been connecting to a share on all three servers until tonight. Now the workstations at location B are still working and none of the ones at location A can open a share on the PDC at HQ or the standalone server at HQ. They can all ping each other as if they were on the same network. HQ is 192.168.0.xxx. Location A is 192.168.10.xxx and location B is 192.168.20.xxx. A connects through VPN to HQ and B connects through VPN to HQ, but A and B are not connected to each other.
Question by:jglazer63
7 Comments
 
LVL 71

Expert Comment

by:Chris Dent
ID: 22693327

How have you configured DNS to allow each domain to resolve names within the other?

Chris
0
 

Author Comment

by:jglazer63
ID: 22693758
I am not aware of any DNS server being present in that network. I am headed there now and I will look at that too. Isn't there a way to have a shared hosts file for all the workstations so these IPs and names can be already known?
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 22693766

To an extent we can use DNS for that, but to resolve by host name only each system will need a DNS suffix search list configuring.

Chris
0

 

Author Comment

by:jglazer63
ID: 22693783
They are already configured with a suffix: HQ.local and A.local and B.local, if "HQ" and "A" and "B" were the actual names.
0
 

Author Comment

by:jglazer63
ID: 22694926
After restarting the servers at both ends, I can no longer use the name, and when I try to open a share using the IP, I get this error message: "There are currently no logon servers available to service the logon request"...
0
 

Author Comment

by:jglazer63
ID: 22695000
If I go into the trust properties, highlight the once-working trust and press the 'Validate' button, I get the error message: "Windows cannot find a domain controller for the A.local domain.  Verify that a DC is available and then try again." This is where I'm stuck.
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 125 total points
ID: 22696831
Okay, the suffix helps the client resolve by hostname only, but it looks like we need to be checking name resolution handled by your DCs.

Presumably all clients on each side of the trust refer to their local DNS server for name resolution?

On those, what have you configured to allow the server to resolve names in the remote domain?

Chris
0
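
The name-resolution check the accepted answer points to can be run from a domain controller on each side of the trust. This is an added example, not part of the original thread: it assumes the placeholder domain names from the question and that `nltest.exe` is installed (on Windows 2000/2003 it ships with the Support Tools).

```powershell
# Added example. HQ.local / A.local / B.local are the placeholder names used
# in the thread; replace them with the real DNS domain names.
$domains = 'HQ.local', 'A.local', 'B.local'

function Test-DcLocator {
    param([string]$Domain)

    # The DC locator finds domain controllers through this SRV record.
    $srvName = "_ldap._tcp.dc._msdcs.$Domain"
    $text = & nslookup.exe '-type=SRV' $srvName 2>$null | Out-String

    # nslookup prints one "svr hostname = <fqdn>" line per SRV answer.
    $dcHosts = @([regex]::Matches($text, 'svr hostname\s*=\s*(\S+)') |
        ForEach-Object { $_.Groups[1].Value } | Sort-Object -Unique)

    # Each SRV target must also resolve to an address.
    $unresolved = @()
    foreach ($dc in $dcHosts) {
        try   { [void][System.Net.Dns]::GetHostAddresses($dc) }
        catch { $unresolved += $dc }
    }

    # Ask Netlogon to locate a DC; exit code 0 means one was found.
    & nltest.exe "/dsgetdc:$Domain" 2>&1 | Out-Null
    $located = ($LASTEXITCODE -eq 0)

    New-Object PSObject -Property @{
        Domain     = $Domain
        SrvTargets = ($dcHosts -join ', ')
        Unresolved = ($unresolved -join ', ')
        DcLocated  = $located
    }
}

$domains | ForEach-Object { Test-DcLocator $_ } |
    Format-Table Domain, DcLocated, SrvTargets, Unresolved -AutoSize
```

A row with an empty `SrvTargets` column or `DcLocated` set to `False` identifies the domain whose zone the local DNS server cannot resolve, which matches the "cannot find a domain controller" error seen when validating the trust.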
