Trust Anyone??

[lizzieborden]

I'm trying to recreate a trust between nt4 and 2003 server domains. I can see all machines on both sides. Can add the trust on the nt4 domain but not on the 2003 domain.

I can access shares from the nt4 to the 2003 server but not from the 2003 to the nt4.

In the event viewer on the nt 4 side I see event id 5721. I don't see anything in the 2003 event viewer.

Ran Nltest from the 2003 side and get ERROR_NO_SUCH_DOMAIN. I also get an error from the nt4 server side and get ERROR_NO_SAM_AVAILABLE

 

[globalstrata]

Is your 2003 in mixed mode? Start the trust using the Trust Wizard from Windows 2003 first. It will do all the setup for you. Instead of trying to do it manually from NT 4 and then Win 2003



Gladys Rodriguez
GlobalStrata Solutions

http://www.globalstrata.com

 

[lizzieborden]

I am using the trust wizard. Keep getting error "cannot continue after adding the domain name in the 2003 dc trust wizard. Then I see error 5721 in the nt4 pdc event log. The tried to do it manually and that's when I get ERROR_NO_SUCH_DOMAIN and ERROR_NO_SAM_AVAILABLE.

 

[globalstrata]

That seems like a Name resolution problem. Make sure that you have both DC in each other WINS and DNS server manually entered. In 2003, you will not need WINS but in NT you do.



Gladys Rodriguez
GlobalStrata Solutions

http://www.globalstrata.com

 

[lizzieborden]

Wouldn't the name resolution be okay if I can ping by name and ip? I tend to think it's a DNS issue somewhere myself but have been working on it for about 2 weeks with no resolution. Tried several things?????

I can see everything on the 2003 network from the nt4 network and access everything but not vice versa.

I can see everything from the 2003 network but can access nothing. I also see my administrator user showing up on the network as "Account Unknown. Don't know how to change this???

 

[globalstrata]

Ping uses DNS. It does not test for NetBIOS which is what NT uses. You would be able to see things within the same netwrok if the browser is broadcasting, but replication and account authentication wont occurr. Add static record to WINS and try to see if that fixes it. If you do not want to do that, then try creating an LMHOST with the following

x.x.x.x <server> #PRE #DOM:<domain>

Where <server> and <domain> are replaced with your information. Then in the command prompt of the NT server do

nbtstat -R





Gladys Rodriguez
GlobalStrata Solutions

http://www.globalstrata.com

 

[lizzieborden]

I do have a static mapping in WINS and I'm also using an lmhosts file.

When I use the 2003 trust wizard I get an error "Cannot Continue". "The trust relationship can not be created because the following error occurred: The Local Security Authority is unable to obtain an RPC connection to the controller (server name). Please check that the name can be found and the server is available."

All input is appreciated.

 

[globalstrata]

Try this:

http://support.microsoft.com/default.aspx?scid=kb;en-us;296403

Gladys Rodriguez
GlobalStrata Solutions

http://www.globalstrata.com

 

[lizzieborden]

I'll try it and let you know.

I've worked on this too much. Now I can't even see that network through Windows Explorer or Network neighborhood. I think it's a WINS thing but not sure which side to look at??? Funny thing is, they can still see this network...

 

[Microsock]

man try demoting the nt pdc !!!!!!!