Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Unable to browse trusted domain from XP clients

Posted on 2010-08-24
6
Medium Priority
?
1,025 Views
Last Modified: 2012-05-10
Hi,

I have two Windows 2003 Forest domains with a 2 way fully transitive trust established between both forests.
The trust appears to be working fine and servers and clients and see both domains in the 'logon to' drop down box at login. There is no issue with users logging into either domain.

The issue im having is that from my XP client machines i can't browse the trusted domain from within Network Neighbourhood. I get a message about possible permissions on the server.

My servers can browse the trusted no problem so it seems to just be the XP clients.

I used the brows master tool with the status switch and i see that my browse master is another XP client from the same domain. Is this correct and could this be the problem?

I have tried to added the DNS suffix of both domains on the NIC on the XP client but still no difference.

Any ideas anyone?
0
Comment
Question by:NoelMCM
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 5

Expert Comment

by:DanMar
ID: 33509385
Set up conditional forwarding in both DNS servers to point to each other for the respective domains.  If your workstations are using these DNS servers for DNS then resolution should work.
Instructions here:
http://articles.techrepublic.com.com/5100-10878_11-5112303.html
 
0
 
LVL 2

Expert Comment

by:zsaurabh
ID: 33509626
Try NSLOOKUP to resolve the second domain from First
Check if you have A record for the first server in the second domain
check if http port 80 is open on the firewall to browse the TCP/IP traffic
0
 

Author Comment

by:NoelMCM
ID: 33510223
I have conditional forwarding configured for both both DNS servers. Workstations do look to their respective DNS servers but are still unable to browse the trusted domain with Network Neighbourhood.

NSLookup works fine in both domains and even on the XP clients i can do an nslookup to the trusted domain and it returns the correct results.

The login screen on the XP clients do list both domains and will allow accounts in the trusted domain to login.

The issue is when i browse in Network neighbourhood to the trusted domain it fails. The aim of what i trying to do is under Computer Management in the local administrators group add the Domain Admins security group from the trusted domain but when i click on locations i only see the local domain. If i do the same on any server i see both the local domain and the trusted domain. Just seems to be an issue with the Clients.

Both domains are on the same network segement so there is no firewalls betweeen them.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
LVL 5

Expert Comment

by:DanMar
ID: 33510376
Do you have WINS enabled?  You could install a WINS server and add settings to clients in DHCP.  You can then set WINS lookup integration in the DNS server.
0
 

Author Comment

by:NoelMCM
ID: 33519241
WINS is enabled on the clients but we don't have a WINS server. Can't figure out why my cliets are seeing one view from with Computer management and the servers are seeing a different view.


XP-CLient-View.JPG
Server-View.JPG
0
 

Accepted Solution

by:
NoelMCM earned 0 total points
ID: 33521747
Found this article which describes the issue exactly and apparently its default behaviour and can get around it by using the UPN for the account or group. Thanks anyway everyone.

http://support.microsoft.com/kb/878452 (The Object Picker cannot locate objects that are located in another forest in Windows XP and Windows 2000)
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question