Can't Connect to Share on Other Domain by Name:
Hi.
We have 2 domains.
When I am in the new domain I can connect to any computer on the old domain except for one.
This one server is a 2008 x64 server. All others are 2003 or XP machines.
I can connect by using \\192.168.1.21 but not when I use \\ServerA.
I can't figure it out. I can use \\ComputerName to connect to any of the computers on the old domain except for this one.
Can someone help?
We have 2 domains.
When I am in the new domain I can connect to any computer on the old domain except for one.
This one server is a 2008 x64 server. All others are 2003 or XP machines.
I can connect by using \\192.168.1.21 but not when I use \\ServerA.
I can't figure it out. I can use \\ComputerName to connect to any of the computers on the old domain except for this one.
Can someone help?
khashayar01
how are the two domains connected? have you tried using \\ServerA.domainname.ext?
Is the 2008 server a DC? It sounds like DNS isn't getting updated properly in the new domain. Are you migrating to a new domain removing the old domain after migration? If so, you could create a manual host (A) record on the DNS in the new domain as a work around until the old domain is gone.
ASKER
khashayar01:
how are the two domains connected? have you tried using \\ServerA.domainname.ext? -I just tried this now and it DOES work. So the question now is how do I get it connect without having to type the full name?
digitap:
Is the 2008 server a DC?
-No. It is a normal application server.
It sounds like DNS isn't getting updated properly in the new domain. Are you migrating to a new domain removing the old domain after migration?
-Yes. That is the plan.
If so, you could create a manual host (A) record on the DNS in the new domain as a work around until the old domain is gone.
On the new domain? Explain. What server am I adjusting the record?
how are the two domains connected? have you tried using \\ServerA.domainname.ext? -I just tried this now and it DOES work. So the question now is how do I get it connect without having to type the full name?
digitap:
Is the 2008 server a DC?
-No. It is a normal application server.
It sounds like DNS isn't getting updated properly in the new domain. Are you migrating to a new domain removing the old domain after migration?
-Yes. That is the plan.
If so, you could create a manual host (A) record on the DNS in the new domain as a work around until the old domain is gone.
On the new domain? Explain. What server am I adjusting the record?
to make it work without the full name just create an A record in the DNS of the new domain for the inaccessible server in the old domain.
On DNS in the new domain, create the A record for the server in the old domain.
1. Start the DNS MMC snap-in (Start - Programs - Administrative Tools - DNS)
2. Expand 'Forward Lookup Zones' and select the DNS domain you wish to add a record to
3. Right click on the DNS domain zone and select 'New Host' from the context menu
4. Enter the name and IP address for the record and if you want a reverse pointer to be created.
5. Click Add Host
I wouldn't go to a lot of work to get FQDN to resolve correctly if the old domain is going away. It'll just be something you'll have to remove later anyway.
1. Start the DNS MMC snap-in (Start - Programs - Administrative Tools - DNS)
2. Expand 'Forward Lookup Zones' and select the DNS domain you wish to add a record to
3. Right click on the DNS domain zone and select 'New Host' from the context menu
4. Enter the name and IP address for the record and if you want a reverse pointer to be created.
5. Click Add Host
I wouldn't go to a lot of work to get FQDN to resolve correctly if the old domain is going away. It'll just be something you'll have to remove later anyway.
ASKER
It automatically appends the new domain name to the record.
There are forward lookup zones and reverse lookup zones.
They both contained the wrong record so I deleted them. They were pointing the IP address and name of the server to the NEW domain. It was on the new domain for a small time but was moved to the old domain. Windows may have even been reinstalled on the server and placed in the old domain by default after the re-build.
Regardless, I have created a new reverse lookup "pointer" but that didn't seem to make much of a difference. That was done before I posted the question.
How can I add a forward lookup zone pointing to the old domain when it's grayed out (see image)?
2.PNG
There are forward lookup zones and reverse lookup zones.
They both contained the wrong record so I deleted them. They were pointing the IP address and name of the server to the NEW domain. It was on the new domain for a small time but was moved to the old domain. Windows may have even been reinstalled on the server and placed in the old domain by default after the re-build.
Regardless, I have created a new reverse lookup "pointer" but that didn't seem to make much of a difference. That was done before I posted the question.
How can I add a forward lookup zone pointing to the old domain when it's grayed out (see image)?
2.PNG
You could try creating an CNAME (alias). Rather than slecting new host, select New Alias. Type the server name then type the FQDN of the host.
Regardless, it should still resolve properly even if the fqdn isn't correct. To test, you could create a host entry.
Regardless, it should still resolve properly even if the fqdn isn't correct. To test, you could create a host entry.
ASKER
Didn't seem to help. The error I get is shown in the image below.
I tried adding the CNAME file but no dice.
1.PNG
I tried adding the CNAME file but no dice.
1.PNG
this is a credentials issue. It's telling you that you don't have rights to access the resource. When you attempted UNC access to the server, you should have gotten prompted for a username and password if the credentilas you were logged on with didn't have access to the resource. The fact that you are getting the prompt tells me that DNS is resolving properly.
If you go to the command prompt and type nslookup servername does it resolve the IP address properly?
If you go to the command prompt and type nslookup servername does it resolve the IP address properly?
ASKER
When I do a nslookup on the server on the new domain I get the following:
Name: ServerA.Domain.com <-- this is good!
Address: 192.168.1.21 <--- this is good!
Aliases: ServerA.Domain.new <--- this is a problem!
I am running this on the DC on the new domain (domain.new).
It still seems to think that this server is in some way connected to the new domain, but it isn't!
Name: ServerA.Domain.com <-- this is good!
Address: 192.168.1.21 <--- this is good!
Aliases: ServerA.Domain.new <--- this is a problem!
I am running this on the DC on the new domain (domain.new).
It still seems to think that this server is in some way connected to the new domain, but it isn't!
ASKER
When I do a nslookup using the IP address it replies back the correct name (ServerA.Domain.com) but doesn't show the alias.
Like I mentioned earlier, when you type in the FQDN or the IP address it works properly.
There must be something somewhere that is still thinking this server is on the new domain.
Like I mentioned earlier, when you type in the FQDN or the IP address it works properly.
There must be something somewhere that is still thinking this server is on the new domain.
Was the server ever a dc on the new domain?
ASKER
No. It was on the new domain for a short while but it was not a DC.
To me, it looks like DNS is resolving properly. Now, it seems it's an authentication issue. You could be right about remnants of the server being in AD. I'd be interested to know if a client on the new domain (not the DC) would get the same error when trying to access network shares. I'd setup a client in this manner, create an account in both domains that match username and password. Then try to access the server. The research I've done on the error in the screen shot seemed to point to issues when access network shares on servers in a domain different from the DC in which the server belongs.
ASKER
The reason this whole thing came up was because we map 2 network drives to the server on this domain.
When my boss joined the new domain (for testing), he noticed that all drives were mapped successfully except for the 2 drives shared from this server.
I don't think it matters what user tries to access the share.
I logged on as myself and I get the same error.
The drives now map correctly because I changed the logon script to map these 2 drives using the FQDN.
I would still like to know what is causing this.
I almost feel as if this is happening because of the server OS. This is the only server in our domain running Server 2008. All other servers are 2003.
Maybe some new security settings within the OS are preventing this?
When my boss joined the new domain (for testing), he noticed that all drives were mapped successfully except for the 2 drives shared from this server.
I don't think it matters what user tries to access the share.
I logged on as myself and I get the same error.
The drives now map correctly because I changed the logon script to map these 2 drives using the FQDN.
I would still like to know what is causing this.
I almost feel as if this is happening because of the server OS. This is the only server in our domain running Server 2008. All other servers are 2003.
Maybe some new security settings within the OS are preventing this?
I'll ask a friend of mine to review this here on EE. I've not seen any of the event logs that would shed a lot of light on what's going on.
Is the new domain part of the same forest as the old domain?
ASKER
I believe so. There is some type of trust relationship between the 2 domains.
The original domain is DomainA.com and the new domain is DomainA.local (if that helps at all).
The original domain is DomainA.com and the new domain is DomainA.local (if that helps at all).
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Was it SMB2?
ASKER
Yeah. Thanks for your help!
Excellent...glad I could help and thanks for the points!