Re: Two way trust between NT4 PDC and NT2003 server
From: Oli Restorick [MVP] (oli_at_mvps.org)
Date: 05/06/04
- Next message: Lillian: "Re: Two way trust between NT4 PDC and NT2003 server"
- Previous message: David Cross [MS]: "Re: CRL and AIA CDP in certificates exposes internal AD configuration information"
- In reply to: Oli Restorick [MVP]: "Re: Two way trust between NT4 PDC and NT2003 server"
- Next in thread: Lillian: "Re: Two way trust between NT4 PDC and NT2003 server"
- Reply: Lillian: "Re: Two way trust between NT4 PDC and NT2003 server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 5 May 2004 23:30:55 +0100
Reading that back, I whizzed very quickly between three different setups.
To clarify:
1) Full WINS -- it should just work if all DCs are set to use the same WINS
infrastructure.
2) No WINS -- use LMHOSTS
3) Two WINS islands -- use static enties (or LMHOSTS).
Oli
"Oli Restorick [MVP]" <oli@mvps.org> wrote in message
news:eHQ79$uMEHA.3400@TK2MSFTNGP09.phx.gbl...
> One thing you didn't mention here is WINS.
>
> Are you using WINS? Are all DCs able to communicate and register with the
> same (or replicated) WINS server?
>
> See the following for how to write LMHOSTS files to allow the DCs to find
> each other.
>
> Domain Trust Relationship Cannot be Created
> http://support.microsoft.com/default.aspx?scid=kb;en-us;197808
>
> If you have two separate WINS databases that you don't want to replicate
> to each other, you can also create static domain records (1B and 1C) in
> each WINS database to allow the other side of the trust to be found.
>
> Bear in mind that Microsoft does not generally recommend using static
> entries in WINS.
>
> If one DC can resolve the other domain and another can't you'll get
> seemingly-random incidents of users being unable to log in across the
> trust. The Domain Monitor (dommon.exe) utility from the Windows 2000
> Resource Kit is great for checking that you've got everything right.
> Unfortunately, it doesn't seem to be available for download, although you
> will have it if you are a TechNet subscriber.
>
> Hope this helps
>
> Oli
>
>
> "Lillian" <anonymous@discussions.microsoft.com> wrote in message
> news:8ec801c432de$050ec8c0$a101280a@phx.gbl...
>> I have to establish two way trust between NT4(PDC) and
>> NT2003 server with active directory, the NT4 server
>> domain name is call "infoservices", host name is call
>> costandby, the NT2003 server is call "glc.training.gov"
>> has DNS, when I try to establish two way trust, first
>> from NT4 I add "training" from trusted, then from NT2003
>> server I new trust "infoservices" as incoming, then
>> outgoing, then NT4 server I add "training" as
>> trusting,the final when I want to validate from NT2003,
>> it say" verification of trust between domain traing.gov
>> and domain infoservices was unsuccessful because there
>> are current no logon servers available to service the
>> logon request, to repair a trust a pre-windows 2000
>> domian you must remove and re-add the trust on both
>> sides." before I do this I created an username"trust" on
>> both NT4 and NT2003 server with same password has domain
>> admins and administrators prevelidge, so what is wrong
>> with this setup? can someone help me? what is meant
>> by "no logon servers available to service the logon
>> request"
>>
>> Thanks.
>>
>> Lillian
>>
>
>
- Next message: Lillian: "Re: Two way trust between NT4 PDC and NT2003 server"
- Previous message: David Cross [MS]: "Re: CRL and AIA CDP in certificates exposes internal AD configuration information"
- In reply to: Oli Restorick [MVP]: "Re: Two way trust between NT4 PDC and NT2003 server"
- Next in thread: Lillian: "Re: Two way trust between NT4 PDC and NT2003 server"
- Reply: Lillian: "Re: Two way trust between NT4 PDC and NT2003 server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
