Problem with domain trust after W2003SP1 upgrade

• Previous message: Dennis: "how to apply Software rectiriction policy"
• Next in thread: Christian Stinakovits via WinServerKB.com: "Re: Problem with domain trust after W2003SP1 upgrade"
• Reply: Christian Stinakovits via WinServerKB.com: "Re: Problem with domain trust after W2003SP1 upgrade"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 11 Apr 2005 17:20:27 +0200

I just upgraded the server on my domain with Windows 2003 SP1 and I'm
experiencing problems with trust relationships. Does anyone have an idea
what could be wrong here?

Here's the situation:
- my domain: cc.local, Windows 2003 native domain and Windows 2003 native
forest, 1 AD server W2003 SP1
- trusted domain: qualiphar.local, Windows 2003 native domain and Windows
2000 forest (has another domain in it that is still at Windows 2000 level),
2 AD server with W2003 (no SP1 yet)

Since installing SP1 on my server, the event log reports 5719 event id's on
the trust (see below).

I then tried to remove the trust and recreate it.
When recreating it from the cc.local domain controller it tells me: The
operation failed. The error is: Unspecified error.

When creating it from a qualiphar.local domain controller, the trust seems
to create all right, but at the end a message says:
"The verification of the incoming trust failed with the following error(s):
The trust password verification test was inconclusive.
A secure channel reset will be attempted.
The secure channel reset failed with error 1727: The remote procedure call
failed and did not execute.

The outgoing trust has been verified. It is in place and active.
"

If I validate the trust later on, I get the same error.

Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5719
Date: 11/04/2005
Time: 14:31:25
User: N/A
Computer: SCC-SRV1
Description:
This computer was not able to set up a secure session with a domain
controller in domain QUALIPHAR due to the following:
The remote procedure call failed and did not execute.
This may lead to authentication problems. Make sure that this computer is
connected to the network. If the problem persists, please contact your
domain administrator.

ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it sets up
the secure session to the primary domain controller emulator in the
specified domain. Otherwise, this computer sets up the secure session to any
domain controller in the specified domain.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 1c 00 02 c0 ...À

regards,
Stefan Cuypers

• Previous message: Dennis: "how to apply Software rectiriction policy"
• Next in thread: Christian Stinakovits via WinServerKB.com: "Re: Problem with domain trust after W2003SP1 upgrade"
• Reply: Christian Stinakovits via WinServerKB.com: "Re: Problem with domain trust after W2003SP1 upgrade"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]