Microsoft Forefront Deploying Policy Error

Posted on 2009-05-14
Last Modified: 2012-06-27
I have a forefront server that is a member of and I'm attempting to deploy its policy in and I'm getting an error.  I believe all networking communication is fine but it is giving me the error below.
Question by:LrdKanien
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 51

Expert Comment

by:Keith Alabaster
ID: 24409262
Three questions.
Is the second domain part of the same forest that the first domain is in so they are using the same credentials?
Second, are the security credentials being used valid - at administrator level - for the second domain or is there a trust in place?

What oS, service packs and AD level are each of the domains in question?

Author Comment

ID: 24413927
1.  second domain is part of the same forest as the root domain.  I'm logged in as myself with the FCS MMC up under Policy Management attempting to deploy to an OU in the 2nd domain.

2.  I am a member of enterprise admins in the root forest domain.

3.  the domain is server 2008 with domain functioning level of 2003 because I have 1 2003 Domain Controller.
LVL 51

Expert Comment

by:Keith Alabaster
ID: 24414989
If you try and use administrator account credentials from the domain you are now trying to deploy to, does it make a difference? I have had some disturbing results when using the Enterprise Admin on some product installs. A similar situation occured recently when deploying System Center Operations Manager clients and, despite the implicit trust, we ended up having to use certificates  :(
PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now


Author Comment

ID: 24417541
I'm not sure how you want me to proceed with that advice.  I'm using the FCS mmc to deploy the policy.  How would I deploy it with another users credentials?

I'd prefer the solution to be that I grant necessary access in the 2nd domain for the FCS to be able to deploy its policy there.
LVL 51

Accepted Solution

Keith Alabaster earned 250 total points
ID: 24418774
just log on as the administrator of the other domain on the same machine you are using now and fire up the mmc. You may well get the solution you would 'like' but we can quickly prove if it is viable.

Author Comment

ID: 24426523
was networking issue.  basically needed every port open as if it were on that same domain, 88, 445, 135 etc.
LVL 51

Assisted Solution

by:Keith Alabaster
Keith Alabaster earned 250 total points
ID: 24428000

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are three types of ISA client that can be configured - these can be individual clients or multiples of a client on each PC or server SecureNAT. A SecureNAT client for ISA server is a client machine, work station or server, that has its defa…
Forefront is the brand name for Microsoft's major security product. Forefront covers a number of specific security areas and has 'swallowed' a number of applications under this umbrella including Antigen, ISA Server, the Integrated Access Gateway (t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question