Problem Creating Trusts Between Domains.

dreynolds20

Technical User
Apr 3, 2004
28
GB
Hi,

I am trying to create a trust between my new Windows 2003 Domain and my old Windows NT Domain.

I have created the trust on my NT Domain but every time I try and set it up on the new Domain I get the error message below:

The verification of the incoming trust failed with the following error(s):
The target system FPSERVER does not support NetLogon trust password verification.
A secure channel reset will be attempted.
The secure channel reset failed with error 1355: The specified domain either does not exist or could not be contacted.

The verification of the outgoing trust failed with the following error(s):
The trust password verification test was inconclusive.
A secure channel reset will be attempted.
The secure channel reset failed with error 1311: There are currently no logon servers available to service the logon request.

My setup:

Old Domain:

172.35.1.*
WINS Enabled.

New Domain:

192.168.0.*
DNS Enabled.

Any help would be appreciated.

Cheers

Dave

 
I think first off they need to speak the same protocols...

You are trying to set up a trust where one side only speaks Chinese and the other only Japanese..

But I'm sure there's another reason, not convinced myself....
But anyway, if it can help :)

Aftertaf

"Resolve is never stronger than the night before it was never weaker
 
No it didn't mate.

I do appreciate your help on this.

The Windows NT domain can kind of see the new domain but the new Windows 2003 domain can not see the old one at all.

The I.P. address scheme is different and they are both running parallel on the same site.

 
I assume there's a router in between?

I don't mean to sound bitter, cold, or cruel, but I am, so that's how it comes out - Bill Hicks
 
No.

They are sitting next to each other joined by a Cisco Switch.

 
Have you entered the IP address of your old server into the new domain's DNS?

I don't mean to sound bitter, cold, or cruel, but I am, so that's how it comes out - Bill Hicks
 
Also, is there just the one server left in the old domain? Could you bring it into the same IP range?

I don't mean to sound bitter, cold, or cruel, but I am, so that's how it comes out - Bill Hicks
 
I added a new zone with the 172.35.0.* addresses.

Because of the way everything is setup it is not possible to change the old system.

 
Any luck?

I don't mean to sound bitter, cold, or cruel, but I am, so that's how it comes out - Bill Hicks
 
A simple solution would be to go here on the Server 2003: C:\WINDOWS\system32\drivers\etc, open host using Notepad, then enter this:

172.35.0.* dnsoftheNT
172.35.0.* computernameofNT

That would let you enable the trust.

 
tdong could be right; try that instead of the LMHOSTS file as ecunupe suggested.

I don't mean to sound bitter, cold, or cruel, but I am, so that's how it comes out - Bill Hicks
 
Already done that, it's a very strange problem.

I have done everything that has been recommended and I have everything I can think of and it still won't work but I have nothing strange here.

 
dreynolds20, after you added the LMHOSTS record, can you ping the PDCe in the 2003 domain and vice versa by 'NetBIOS' name?

As aftertaf suggests, it looks like it's down to name resolution. I have a 2003 AD that trusts an NT4 Domain and vice versa with no problems. All I did was follow the instructions in the link and also add a Host (A) record into my Forward lookup zone pointing to the NT4 PDC, and it's worked fine for five months now.


I don't mean to sound bitter, cold, or cruel, but I am, so that's how it comes out - Bill Hicks
 
I can ping the servers by I.P. Address and by name.

I have the lmhosts files set up, I have created forward and reverse lookups in DNS, they are on the same site and plugged into the same switch.

The old domain can see me but I still can't see the old domain. I have disabled any firewalls or things that sit in the middle and it still does not work.

 
Have you enabled NetBIOS on your 2003 server?

Aftertaf

"Resolve is never stronger than the night before it was never weaker
 
Also, did you say that you created a new zone in DNS? You should only need to add an (A) record to your current forward lookup zone.

I don't mean to sound bitter, cold, or cruel, but I am, so that's how it comes out - Bill Hicks
 
NetBIOS is enabled on the servers.

Host Record has been created for the Windows NT DC.

 
The trust has been created on both the servers but when I try and validate the trust on the new server I get the message below.

Verification of the trust between the domain X and the domain X was unsuccessful because: There are currently no logon servers available to service the logon request.
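
Added example, not part of any post in this thread: a hosts entry or DNS A record resolves only the server's host name, whereas an NT4 PDC is located through the NetBIOS domain <1B> name, which LMHOSTS can supply if the quoted name is padded to exactly 15 characters. The Python sketch below builds the two entries and checks an existing file for bad padding; the IP 172.35.1.10 and the domain name OLDDOMAIN are constructed placeholders, and FPSERVER is taken from the error message in the first post.

```python
import re

NETBIOS_NAME_LEN = 15  # the 16th byte of a NetBIOS name is the service suffix

def pdc_lmhosts_entries(ip, pdc_name, domain):
    """Return the two LMHOSTS lines that map an NT4 PDC and its domain <1B> name."""
    for label, value in (("PDC name", pdc_name), ("domain", domain)):
        if not 1 <= len(value) <= NETBIOS_NAME_LEN:
            raise ValueError(f"{label} must be 1-{NETBIOS_NAME_LEN} characters")
    # Quoted names are used as written, so upper-case and pad them here.
    padded = domain.upper().ljust(NETBIOS_NAME_LEN)
    return [
        f"{ip}\t{pdc_name.upper()}\t#PRE\t#DOM:{domain.upper()}",
        f'{ip}\t"{padded}\\0x1b"\t#PRE',
    ]

# address, then a quoted name ending in a \0xNN suffix byte
_SPECIAL = re.compile(r'^\s*(\S+)\s+"(.*)\\0x([0-9a-fA-F]{2})"')

def check_lmhosts(text):
    """Return (line_number, problem) pairs for malformed special-name entries."""
    problems = []
    for number, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue  # comment or directive line
        match = _SPECIAL.match(line)
        if match is None:
            if "\\0x" in line:
                problems.append((number, "suffix entry is not quoted"))
            continue
        name_len = len(match.group(2))
        if name_len != NETBIOS_NAME_LEN:
            problems.append(
                (number, f"name is {name_len} characters before the suffix, "
                         f"expected {NETBIOS_NAME_LEN}"))
    return problems

if __name__ == "__main__":
    # Constructed sample values (only FPSERVER appears in the thread).
    good = "\n".join(pdc_lmhosts_entries("172.35.1.10", "FPSERVER", "olddomain"))
    print(good)
    print(check_lmhosts(good))
    # Constructed faulty entry: domain name not padded to 15 characters.
    print(check_lmhosts('172.35.1.10 "OLDDOMAIN\\0x1b" #PRE'))
```

After the file is saved on the Windows 2003 server, `nbtstat -R` reloads the #PRE entries and `nbtstat -c` lists the cached names.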
