Creating trusts between W2K3 and W2K ad domains problem

[iggy07]

i am trying to create a trust relationship between 2 domains, so i
started creating it from the w2k3 domain.
The actual process went fine, I created a two-way selective auth.
trust and validate it for both directions (INCOMING and OUTGOING). i
have the admin username and password for the remote domain so that was
all good. I can browse the remote AD from my domain.

Now on the w2k domain i have looked and the trusts and saw that they
were created successfully. I tried to verify the trusts and got the
"Information from the primary DC for the domain X (the w2k3 domain)
cannot be obtained because: RPC server is unavailable"

now i know there are some things that need to be in place for the DNS
resolution to work properly, but to the best of my knowledge that
stuff is done and working.
First, there is a conditional forwarder set up in the w2k3 domain to
the w2k domain and that resolution works fine.
I also have a forwarder set up in the w2k domain to the w2k3 domain
and that one is working fine as well.
according to some posts i read, there has to be a secondary DNS zone
in the w2k domain for the w2k3 domain, so i have also completed that
successfully as well.

however the problems still persists...same error message..

any help will be appreciated
thanks

 

[Meinolf Weber]

Hello (e-mail address removed),

Have a look here:
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_21905630.html

Go down to the end of the article and scroll up, there you find all comments,
maybe it helps a bit.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

 

[iggy07]

I did, however i have a severe brain freeze as far as stopping th DC's
from registering and using WINS on w2k.
:-(

 

[iggy07]

the one thing i did was take the wins server IP out of the advanced
settings for the network connection (LAN) on the DC's but that wasn't
it.

 

[iggy07]

do you have any other ideas? this is driving me nuts

 

[Paul Bergson [MVP-DS]]

Test the trust relationship between two domains
netdom trust trusting_domain_name /Domain:trusted_domain_name /verify

If you would like to test connectivity to validate FRS communication
NTFRSUTL version server_name
If the two can communicate through the firewall via
FRS the response will provide the current version number


If you would like to validate connectivity between the domains use the tool
PortQryUI
Download PortQryUI and run the tool
Select the destination DC
Select Domains and Trusts
Validate the ports that should be open in fact are
via the output provided by the tool.
For additional info on this tool see
PortQry features, this is the backend tool for PortQryUI

PortQry info (Base for UI Tool)
http://support.microsoft.com/default.aspx/kb/832919/

--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.