• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 370
  • Last Modified:

Trust relationship has failed for National domain

We have a domain controller located in a remote location (A) with ip scheme xxx.xxx.1.xxx.  We can join a computer to the domain in location (B) with ip scheme xxx.xxx.2.xxx  because we have setup a hardware vpn tunnel to location (A).  When we move the computer to a new location (C) with ip scheme xxx.xxx.3.xxx that also has a hardware vpn to location (A) we get the "Trust relationship has failed..." error.  In summation:
A to B = Join Domain
A to C = Trust relationship error
The only way for us to get around this error is to disjoin and rejoin the domain from the (C) location.
What is the reason for this, and how can I make it so that I don't get this error from any location regardless of when the computer was joined to the domain originally?
0
nafty
Asked:
nafty
  • 4
  • 4
1 Solution
 
devinnoelCommented:
Does each site have it's on domain controller & DNS server?
Do you have the 3 separate subnets entered into their own site under Active Directory Sites & Services?
Have you checked the system logs for domain controllers at each location? Any problems, especially with the file replication service or directory services?
0
 
naftyAuthor Commented:
Does each site have it's on domain controller & DNS server? - no
Do you have the 3 separate subnets entered into their own site under Active Directory Sites & Services? - they are all on the same subnet
Have you checked the system logs for domain controllers at each location? Any problems, especially with the file replication service or directory services?
0
 
devinnoelCommented:
Is the DNS entries for each site all pointing to a DNS server hosted on Active Directory at site A?
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
devinnoelCommented:
they are all on the same subnet

Is it subnetted as a class A or class B subnet that includes all 3 sites?
0
 
naftyAuthor Commented:
Each site connects to the only domain controller/ dns server through an IPSEC VPN tunell. Each site is on a seperate subnet as listed in the question. I just added one of the subnets of site(B) into the reverse lookup zone of the DNS server as asked in comment 1 but the other site (C) was fine.
0
 
naftyAuthor Commented:
devinnoel: each site gets directed to the DNS of Site A
0
 
devinnoelCommented:
How are the subnets listed in Active Directory Sites & Services?
0
 
naftyAuthor Commented:
Adding the reverse lookup zones for each site's subnet appears to have resovled the issue.
0

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now