RE: Domain Trust issue
- From: woisch <woisch@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 20 Mar 2009 01:56:01 -0700
Okay, i`ve now tried in a virtual environment to create a trust. I tried it
on two fresh domains and it works.
I removed the trust once more.
Then i created a computer account on both domains with the same name and
additional a user account witth same name on both domains.
I created the trust again and it works?! Why ??
In the real domain we used also wins server and i checked them. No
duplicated items.
That`s strange.....
@ Milun Jevremovic
I`ve a look at both domains in adsiedit and checked the CN=Users vor a
account with $ . No account found.
I`ve also checked the Active Directory Container "System" for a folder with
the type "trust" ..... but nothing.
If i make a:
DSQUERY COMPUTER -SAMID <DOMAIN-NAME>$
DSQUERY COMPUTER -NAME <DOMAIN-NAME>
i got an empty line on the command line....
The other strange thing is:
domain a: unlimitedttest.co.uk (not the real name)
domain b: heaventest.com (not the real name)
If i created a trust from unlimitedtest.co.uk:
1. External Trust
2. Two-Way
3. This domain only (not both this domain and the specified domain)
4. Domain-wide authentication
5. Trust password
the trust works from this side. If i configure it from the other side, it
didnt work....
And if i creat the trust from unlimitedtest.co.uk WITH "Both this domain and
the specified domain" i got the same error with the specified user.
I`m a little bit confused now. ;) Is the failure on the "heaventest.com"
domain? Because from the other domain i can create a trust....
Hope for help ;)
Thx
Woisch
"Milun Jevremovic" wrote:
Hello,.
when trust is created, In AD 2 objects are created:
- TDO (trusted domain object), which is usualy not creating problems
- User object (in Users container), containing NETBIOS name of
trusted/trusting domain with $ at the end. This user object is not visible in
ADUC, but it is in ADSIEdit.
Usualy when you get this error, on side where you are getting it you already
have object with identical username. Since we have $ at end, that is probably
COMPUTER object, although we possibly have earlier, not properly removed
trust with the same domain.
Regards,
Milun
"woisch" wrote:
Hi,
i`ve a problem creating a external trust between two domains.
1st: Windows Server 2003 (Windows Server 2003 SP2)
2nd: Windows 200 native (Windows Server 2003 R2 SP2)
DNS is configured with conditional dns and the dns resolution is not the
problem i think.
If i click finish to create the trust i got the error with "the specified
user already exists"
But i don`t know which user is meant ?!
There are no duplicatet user or computer accounts.
How could i solve this problem?
I`ve already read
http://support.microsoft.com/?scid=kb%3Ben-us%3B295335&x=8&y=8
http://support.microsoft.com/?scid=kb%3Ben-us%3B266633&x=12&y=10
Thx and regards
woisch
- Follow-Ups:
- RE: Domain Trust issue
- From: Milun Jevremovic
- RE: Domain Trust issue
- References:
- Domain Trust issue
- From: woisch
- RE: Domain Trust issue
- From: Milun Jevremovic
- Domain Trust issue
- Prev by Date: Web server issue
- Next by Date: Re: problem reading gpt.ini
- Previous by thread: RE: Domain Trust issue
- Next by thread: RE: Domain Trust issue
- Index(es):
Relevant Pages
|
