Re: Windows 2000 --> 2003 Trust
From: Jonathan (Jonathan_at_discussions.microsoft.com)
Date: 10/21/04
- Next message: Glenn L: "Re: Windows 2003 slow restart and shutdown"
- Previous message: Todd J Heron: "Re: Windows 2003 slow restart and shutdown"
- In reply to: Glenn L: "Re: Windows 2000 --> 2003 Trust"
- Next in thread: Glenn L: "Re: Windows 2000 --> 2003 Trust"
- Reply: Glenn L: "Re: Windows 2000 --> 2003 Trust"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 21 Oct 2004 03:43:04 -0700
Glenn,
Thank you for your help so far.
I have checked the time between the two domains and they are within 30
seconds of each other, this may be a stupid question but how do I do a
simultaneous network trace?
TIA
Jonathan
"Glenn L" wrote:
> My experience with cross domain trust object picker errors like this have
> either been DNS related or kerberos related.
> Looks like name resolution is fine.
> First thing is to make sure the systems on each side of the trust are within
> 5 minutes of each other.
> A simultaneous network trace from both sides while re-proing the error will
> be very helpful in this case.
>
>
> --
> Glenn L
> CCNA, MCSE 2000, MCSE 2003 + Security
>
>
> "Jonathan" <Jonathan@discussions.microsoft.com> wrote in message
> news:177F8E8D-DD18-43B6-97E2-35F827B671D4@microsoft.com...
> > Glenn,
> >
> > I can see the 2000 domain as an option on the security tab, but when I try
> > and browse it I can not view any groups or users. But I can if I do the
> same
> > on the 2000 domain.
> >
> > Error I get on the 2003 server is "Server not operational".
> >
> > I have been using these external trusts with 2000 --> 2000 for a while
> with
> > no problem.
> >
> > So I set the DNS up in the same way as before.
> > I created a new forward lookup zone on each server and names the zone to
> be
> > the same as the other servers domainname. Then put a new host record in
> the
> > zone to point to the servername.
> >
> > The above has been working perfectly with just 2000 servers, is there
> > anything different to how Windows 2003 handles DNS?
> >
> > Jonathan (same company as Rich)
> >
> > "Glenn L" wrote:
> >
> > > When you say you can't see AD objects, are you talking about the the
> > > security tab of an object and attempting to add a user of group from the
> > > trusted domain.
> > > Is this what is failing. Does the trusted domain not show up as an
> option,
> > > or does it show up as an option.
> > > What is the exact error you are seeing?
> > > If this is so, then this is a DNS issue.
> > >
> > >
> > >
> > >
> > > --
> > > Glenn L
> > > CCNA, MCSE 2000, MCSE 2003 + Security
> > >
> > >
> > > "Rich" <ihate@spammers.com> wrote in message
> > > news:e2dNINotEHA.636@TK2MSFTNGP09.phx.gbl...
> > > > Hi,
> > > >
> > > > I am trying to create an external trust between a 2000 forest and a 20
> 03
> > > > forest. The trusts seem to create fine, I can even see the 2003
> active
> > > > directory objects on the 2000 server. But not the other way around on
> the
> > > > 2003 server (which is what I need).
> > > > The trusts are set to two-way non-transitive and the DNS appears to be
> > > > correct.
> > > >
> > > > I was using this method two join a couple of 2000 forests together and
> > > that
> > > > works ok, but I can't seem to do it using 2003, even to another 2003
> > > forest.
> > > >
> > > > Just incase, I have tried different domain and forest modes, at the
> moment
> > > I
> > > > am using 2003 native mode.
> > > >
> > > > This is not a forest trust, and I cannot use one due to the other
> forest
> > > > being 2000, it has to be an external trust.
> > > >
> > > > TIA
> > > >
> > > > Rich
> > > >
> > > >
> > >
> > >
> > >
>
>
>
- Next message: Glenn L: "Re: Windows 2003 slow restart and shutdown"
- Previous message: Todd J Heron: "Re: Windows 2003 slow restart and shutdown"
- In reply to: Glenn L: "Re: Windows 2000 --> 2003 Trust"
- Next in thread: Glenn L: "Re: Windows 2000 --> 2003 Trust"
- Reply: Glenn L: "Re: Windows 2000 --> 2003 Trust"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
