Solved

AD Trusts

Posted on 2009-04-01
8
246 Views
Last Modified: 2012-05-06
Hey

I have got 2 root domains setup and configured with a forest wide trust. I can ping from each side, Map network drives and assign permissions to users in the other domain, however, I can view the other domain in my network places.

Any ideas please?
0
Comment
Question by:bostonste
  • 3
  • 3
  • 2
8 Comments
 
LVL 70

Expert Comment

by:Chris Dent
ID: 24038225

Do you mean you cannot view the other domain in my network places?

If you do...

Tell us about your WINS configuration? And your how you have your Master Browsers set? I take it each forest is on a separate IP subnet / Broadcast Domain?

Chris
0
 
LVL 27

Expert Comment

by:bluntTony
ID: 24038274
Browsing using My Network Places uses NetBIOS, which will in turn rely on WINS if you using multiple subnets.
In order to browse My Network Places across subnets you would need to have a WINS topolgy set up. In order to browse across domains, you would need two WINS servers replicating between each other.
The fact that you can ping and assign permissions across the trust proves that DNS isn't the issue.
http://technet.microsoft.com/en-us/library/cc786754.aspx 
0
 

Author Comment

by:bostonste
ID: 24039074
Hey there,

Im on a test lab here and the domains are on a single subnet! I have got netbios over tcp/ip enabled on both ends.

Cheers
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 24039131

Check which system is acting as the Master Browser for the subnet, that's the one that supposed to be building a list and providing it to clients for My Network Places.

You'll need / want BrowStat, it installs as part of the Support Tools.

It is the responsibility of each system in the network to announce itself to the Master Browser, which builds the list and gives it to clients on request. That means that the Computer Browser service must be started on all clients, the Firewall, if any, must allow the announcement, and the server must be listening.

You may find there are problems if they fight over who should be master browser, so you might have to statically set one as Browser, and one not to be using the registery keys documented here:

http://www.microsoft.com/downloads/details.aspx?FamilyID=f08d28f3-b835-4847-b810-bb6539362473&DisplayLang=en#overview

Chris
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:bostonste
ID: 24039404
Hi Chris

Thanks for the replys. I have got two DC's that have the PDC on them and active, so it must be that they are fighting over the role. I guess the fact that im doing my testing on a single subnet is why im having trouble.

Is it safe to disable it on one of them in the registry? and if so do u know which key 2 edit? I really wonna get this working because im playing with ADMT at the min.

Cheers
0
 
LVL 70

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 24039486

Yep, it's safe. None of this will touch AD at all, this is all old Windows NT level :)

Sorry, I'd put the wrong link in there. Here's the correct one. If present, delete the IsDomainMaster registry value as described below:

http://technet.microsoft.com/en-gb/library/cc959923.aspx

You should end up with just one Master Browser for the subnet, and hopefully it'll start to build an accurate list.

Chris
0
 

Author Comment

by:bostonste
ID: 24039508
That has worked a treat pal.. Thankyou very much for the help..

Lee
0
 
LVL 27

Expert Comment

by:bluntTony
ID: 24039509
Yoou change the key on the WINS server you want to become the master:
HKLM\System\CurrentControlSet\Services\Browser\Parameters\IsDomainMaster
Set this value to TRUE. This will mean this server always wins the election. Restart the browser service after making the change and it should win the election.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I'm sure that every Windows systems administrator has written, or at least used, a batch or VBS login script at some point in their career, whether it is to map network drives, install printers, or set some user preferences.  No more! With Window…
I know all systems administrator at some time or another has had to create a script to copy file from a server share to a desktop. Well now there is an easy way to do this in Group Policy. Using Group policy preferences is not hard. The first thing …
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now