Re: trust weirdness

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

Let's focus on this step
So I entered Forward and Reverse lookup zones
within DNS on both sideswith no problems.

These should have been secondary DNS zones, each naming DNS
servers (DCs?) of the other domain to act as masters, right ?

Are your zones populating with records?

Note, on the W2k3 you could have used a stub zone or
a conditional forwarder definition instead, but what you
did (if secondary zones were used) is valid.

Roger

"BlueIT" <bijal.shah@xxxxxxxxxx> wrote in message
news:1174654257.036509.275720@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Trying to setup a two way trust for between Domain A and Domain B.
Domain A is 2000 AD and Domain B is 2003 AD, which shouldn't be a
factor.

So I entered Forward and Reverse lookup zones within DNS on both sides
with no problems. For safe measurement, I am even using WINS and
added partners.

In creating the trust I started with Domain B since 2003 has a nice
wizard.

Attempt 1:
I tried "Both this domain and the specified domain" first with no
luck. Error as follows:

Cannot create both sides of the trust because a primary domain
controller for the specified domain cannot be contacted.

The operation failed. The error is: The operation completed
successfully.

Attempt 2:
I tried "This domain only" with confirm outgoing and incoming trust.
Successfully completed but cannot be confirmed.

Verification for incoming failed: the trust password failed error
1355. Domain A does not exist or cannot be contacted.

On Domain A setting up Domains trusted by this domain or Domains the
trust this domain. Domain B cannot be contacted.

Attempt 3:
I tried "This domain only" without confirm outgoing and incoming
trust. Trust relationship created successfully.

On Domain A setting up Domains trusted by this domain. Domain B
cannot be contacted.

On Domain A setting up Domains trusted by this domain or Domains the
trust this domain. Domain B cannot be contacted.

I am baffled right now since I have already been about to establish
trust (I believe) between Domain B and Domain C. Domain C being 2000
AD also.



.

Relevant Pages

  • Re: Forcfully (manually) removing a domain
    ... As Herb suggested, you ADSIEDIT and delete the object (of ... The trust is broken, ... I went in and changed the DNS settings to what you instructed. ... The reverse lookup zones ...
    (microsoft.public.win2000.active_directory)
  • Re: Multidomain AD and DNS Help Needed
    ... two-way external non-transitive trust between the two domains. ... > Have DNS servers in each domain host a secondary copy of the other domains ... It was migrated from a Windows 2000 ... > zones so that both domains know about each other. ...
    (microsoft.public.windows.server.active_directory)
  • Re: trust weirdness
    ... These should have been secondary DNS zones, ... I tried "This domain only" with confirm outgoing and incoming trust. ...
    (microsoft.public.windows.server.active_directory)
  • Re: DNS not installing properly
    ... > with a Trust relationship the agencies primary DNS... ... Though I tried to load the zones it never takes with the active ... Accelerated MCSE ...
    (microsoft.public.win2000.dns)
  • Re: DCDIAG DNS Failure
    ... Without advance view I have 4 forward lookup zones and 7 reverse ... My DNS server is not multihomed. ...
    (microsoft.public.windows.server.dns)