Unable to setup a one way trust relationship between two domains

Jerry Seinfield
Jerry Seinfield used Ask the Experts™
on
Hi Experts,

I am in the process of creating  a  one-way trust relationship between two domains, but I have had some issues.

Here is my configuration

Domain A: I have one server which has DC, all FSMO roles, DNS server etc. Domain and forest level functional is Windows 2003

Domain B I have one server which has DC, all FSMO roles, DNS server etc. Domain and forest level functional is Windows 2003

We have checked all port needed to open a  one trust relationship between Domain A and domain B as per KB http://support.microsoft.com/kb/179442 and sitll no luck

When I try to setup a one-way trust , I am not able to choose the one way trust relationship , and I only see two options, please see screenshot attached

Just to let you know, there is a DNS delegation name of the domain B into domain A. We have double checked the DNS delegation and looks weel, I am able to ping the DC and DNS server in domain B, nslookup looks fine. In domain B, I ran DCDIAG, and NLTEST and no issues were found, as well in domain A.

Can aynone point me on the right direction?



Trust-error.JPG
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Commented:
I think you are getting the domain name wrong. Or the DNS doesn't have the zone of the domain you are trying to form the trust with.
Make sure that the DC on which you are trying the configuration has good access to the other domain (ping the domain name, try querying the dns using nslookup)

Commented:
Just keep going through that wizard... you want a "trust with a Windows domain," and you're just going to make one of them and not add the reciprocal trust when you're done.

Commented:
Oh, right, I didn't actually read the screenshot message :O. Definitely seems like a DNS issue. You need to create at least stub zones for each domain in the other domain.
How to Generate Services Revenue the Easiest Way

This Tuesday! Learn key insights about modern cyber protection services & gain practical strategies to skyrocket business:

- What it takes to build a cloud service portfolio
- How to determine which services will help your unique business grow
- Various use-cases and examples

Author

Commented:
Hi rpassero,

I should able to see two button options, the first button is for activating a one way trust and the other button a two way trust, as a said, this is a daily task and I do not why I am getting this issue. Please see the second screenshot attached

Thanks
trust-error-II.JPG

Commented:
Must be a DNS or connectivity Issue as I suspected earlier. Check the DNS ...specially from the server you are trying to establish the trust. Run some nslookup queries. If they fail create a stub zone in the DNS server the dc is using.
Commented:
Agreed with comebui. Seems like you need to create a DNS stub zone for the second domain in the DNS server the DC in the first domain is using. Try removing the delegation records and adding the stub zones.

What do you get when you do a "nslookup Labfll.testnet.rim.net" and a "ping Labfll.testnet.rim.net"? Do both give you the expected results?

Author

Commented:
Thank you so much for all responses

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial