ciscosupp
asked on
Problem accessing / mapping of shares in a different domain.
I have a single forest with multiple domains.
nnt.com (root domain)
uk.nnt.com (child domain)
usa.nnt.com (child domain)
I have a third party DNS server where all my clients point to.
The third party DNS server is synchronized with my child domains.
My client pc’s are joint to uk.nnt.com domain and can access/map any shares via name to a file server in the uk.nnt.com domain with no problems.
My problem is when users want to access/map shares to a file server in the usa.nnt.com domain they get error.
Logon unsuccessful:
The user name you typed is the same as the user name you logged in with.
That user name has already been tried. A domain controller cannot be found to very that user name.
When I use ip address of file server it works and when I try to access/map shares in usa.nnt.com domain from a pc which is not joint to domain it will ask for password and when I type in it works.
Please advice/help why can’t my pc’s joint to uk.nnt.com domain access/map shares to the file server in usa.nnt.com domain.
I can ping successfully the FQDN of file server and it can resolve ip address to name.
I also can resolve the DC.
My trust between domains is also working as I can use username and password of user in uk.nnt.com domain to access files in usa.nnt.com domain when pc is not joining to any domain.
nnt.com (root domain)
uk.nnt.com (child domain)
usa.nnt.com (child domain)
I have a third party DNS server where all my clients point to.
The third party DNS server is synchronized with my child domains.
My client pc’s are joint to uk.nnt.com domain and can access/map any shares via name to a file server in the uk.nnt.com domain with no problems.
My problem is when users want to access/map shares to a file server in the usa.nnt.com domain they get error.
Logon unsuccessful:
The user name you typed is the same as the user name you logged in with.
That user name has already been tried. A domain controller cannot be found to very that user name.
When I use ip address of file server it works and when I try to access/map shares in usa.nnt.com domain from a pc which is not joint to domain it will ask for password and when I type in it works.
Please advice/help why can’t my pc’s joint to uk.nnt.com domain access/map shares to the file server in usa.nnt.com domain.
I can ping successfully the FQDN of file server and it can resolve ip address to name.
I also can resolve the DC.
My trust between domains is also working as I can use username and password of user in uk.nnt.com domain to access files in usa.nnt.com domain when pc is not joining to any domain.
ASKER
I tried no luck same problem.
I try mapping/accessing shared in other domain with FQDM and I can only use name as my dns suffix is added for the other domain.
I also can resolve ip to name and name to ip successfully of the fileserver
I try mapping/accessing shared in other domain with FQDM and I can only use name as my dns suffix is added for the other domain.
I also can resolve ip to name and name to ip successfully of the fileserver
That is true, if you add host (A) record for other domain file server in your dns zone, its FQDN will obviously be created as host.yourdomain.com
But this is only available one of the best method.
once you created host (A) records, what important is it should be able to resolve to IP address of file server in another domain.
Can you please check on client computers and domain controllers advanced TCP/IP properties \ DNS tab for below.
ensure that "Append Primary and connection specific dns suffixes" radio button is selected
Ensure that "Append parent suffixes of primary dns suffix" checkbox is selected
Ensure that "register this connection addresses in Dns" checkbox is selected
If there is any deviation in the above settings, its probably you will face name resolution and connectivity issues
Mahesh
But this is only available one of the best method.
once you created host (A) records, what important is it should be able to resolve to IP address of file server in another domain.
Can you please check on client computers and domain controllers advanced TCP/IP properties \ DNS tab for below.
ensure that "Append Primary and connection specific dns suffixes" radio button is selected
Ensure that "Append parent suffixes of primary dns suffix" checkbox is selected
Ensure that "register this connection addresses in Dns" checkbox is selected
If there is any deviation in the above settings, its probably you will face name resolution and connectivity issues
Mahesh
ASKER
okay
In uk domain I have a file server called fileuk 192.168.1.50 and in usa domain I have a file server called fileusa 172.16.1.50
So basically I have to create one A record in both dns zones uk.nnt.com and usa.nnt.com
Uk.nnt.com zone
Fileusa 172.16.1.50 (FQDN fileusa.uk.nnt.com)
Usa.nnt.com zone
Fileuk 192.168.1.50 (FQDN fileuk.usa.nnt.com)
Please advice if this is what you mean.
In uk domain I have a file server called fileuk 192.168.1.50 and in usa domain I have a file server called fileusa 172.16.1.50
So basically I have to create one A record in both dns zones uk.nnt.com and usa.nnt.com
Uk.nnt.com zone
Fileusa 172.16.1.50 (FQDN fileusa.uk.nnt.com)
Usa.nnt.com zone
Fileuk 192.168.1.50 (FQDN fileuk.usa.nnt.com)
Please advice if this is what you mean.
yes, you are right
Mahesh
Mahesh
ASKER
Ok tried it no luck.
It’s not a DNS problem as it can resolve name to it and ip to name with no problem of file server.
What else can be the problem any advice
It’s not a DNS problem as it can resolve name to it and ip to name with no problem of file server.
What else can be the problem any advice
If you access shares via \\server.domain.com\share is it accessible ?
Do you have any firewall enabled between two domains or windows firewall on file servers that is blocking NetBIOS name resolution ?
If you ping hostname of us domain file server from uk domain, is it pings ?
OR
If you ping FQDN of us domain file server from uk domain, is it pings ?
Mahesh
Do you have any firewall enabled between two domains or windows firewall on file servers that is blocking NetBIOS name resolution ?
If you ping hostname of us domain file server from uk domain, is it pings ?
OR
If you ping FQDN of us domain file server from uk domain, is it pings ?
Mahesh
ASKER
yes I can ping both servers from both different domains.
Records for both fileserver can also resolve from ip to name and name to ip.
Records for both fileserver can also resolve from ip to name and name to ip.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
will try it
This will allow you to access file servers across domains by name such as \\server1
Single lable name will work within same domain or within workgroup environment fine in normal case but it will not work as expected between cross domains residing in different subnets
Mahesh