Re: Creating and verifying Domain trust programatically

From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 07/06/05

Next message: Roger Abell: "Re: Cannot set SE_DACL_AUTO_INHERITED flag"

Previous message: Steven L Umbach: "Re: Creating and verifying Domain trust programatically"
In reply to: Steven L Umbach: "Re: Creating and verifying Domain trust programatically"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 6 Jul 2005 01:18:24 -0500

Oops. I almost forgot that netdom is another tools that may better serve
your needs in that you can use it to verify and establish trusts. See the
link below on netdom uses and syntax.. --- Steve

http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/TechRef/9f921edc-87f5-460e-89ee-9ca56ec1d096.mspx

"Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
news:%234%23zzGfgFHA.3436@tk2msftngp13.phx.gbl...
>I am not a programmer but possibly you could use the tool nltest to do what
>you need. The links below explain more and may help point you in the right
>direction. --- Steve
>
> http://support.microsoft.com/?kbid=228477
> http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/TechRef/ea7f8494-ee1e-4d99-b28f-8f2fd8a72df2.mspx
> http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/TechRef/c694f7f1-e05a-474c-b02b-19a7575ed860.mspx
>
> "Devesh Sarwate" <Devesh.Sarwate@gmail.com> wrote in message
> news:OCR4Y%23cgFHA.3360@TK2MSFTNGP10.phx.gbl...
>> Hi All,
>> I need to implement the creation & verification of domain trusts
>> programatically. I am currently using the LSA APIs
>> (LsaQueryTrustedDomainInfoByName and LsaCreateTrustedDomainEx) for this
>> purpose.
>>
>> In some cases I do not have the credentials for one of the domains to
>> create the trust. In this case I would want to first verify if the trust
>> is already in place between the two domains and if the trust is broken
>> then I create one side of trust myself and ask the administrator for the
>> other domain to create the other part of the trust.
>>
>> The problem is that for using the Lsa APIs to get the existing trust I
>> need credentials for both the domains. Is there any way sueshot way of
>> programatically validating domain trusts between two domains without
>> having the credentials for one of the domains.
>>
>> This ought to be possible as the Domains and trusts MMC snapin does just
>> this when I click on the validate button on trust properties page.
>>
>> Can some one explain what the click on the validate button does
>> internally.
>>
>> Thanks
>> Devesh
>>
>
>

Next message: Roger Abell: "Re: Cannot set SE_DACL_AUTO_INHERITED flag"

Previous message: Steven L Umbach: "Re: Creating and verifying Domain trust programatically"
In reply to: Steven L Umbach: "Re: Creating and verifying Domain trust programatically"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]