Announcement

Collapse
No announcement yet.

Problems with domain trust

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Problems with domain trust

    I've got a newly built application server in a location behind a firewall. Initially there was a problem with joining to the domain (say location1.domain.net) due to FW rules. It's now joined. Then it turned up there was a problem with activation due to same reason. That's now resolved. Now I'm finding that no user from trusted domain location2.domain.net can rdp to that server getting "domain doesn't exist or couln't be contacted". I heve no access to the DC nor to the firewall. Is there a way to figure out what's causing the problem on the affected host itself?

  • #2
    If you don't have any access to the firewall then you will need to work with the firewall administrator to get it resolved.
    Regards,
    Jeremy

    Network Consultant/Engineer
    Baltimore - Washington area and beyond
    www.gma-cpa.com

    Comment


    • #3
      Firewall is clean on the connection attempt I mean no blocked traffic. It gets worse as apparently other users from the location2.domain.net are authentication successfully against that DC. The wording for the domain I used makes things a bit confusing. I should have probably use "region" instead. So again users from region2 are authenticating successfully agains the DC in region1 yet no region2 user can authenticate to the server thats in a site in region1 if that makes more sense.

      Comment


      • #4
        Sorry that doesn't make more sense. They way I read your post:
        - Users in region2 can authenticate to DC in region1
        - Users in region2 cannot authenticate to server in region1
        Not sure what this means...

        Where is the server you built?
        Is this server having issues accessing region1?
        Or are users having issues accessing this server you built?


        Regards,
        Jeremy

        Network Consultant/Engineer
        Baltimore - Washington area and beyond
        www.gma-cpa.com

        Comment


        • #5
          - users in region 2 can authenticate to the DC in region 1 - trust relationship
          - users in region 2 when attempting to access the newly built site server 2012R2 (joined to region 1 domain) get "domain doesn't exist or couln't be contacted"
          As another step being logged on as a local admin I was attemtping to add my region2 account to Remote Desktop Users.
          I was asked for global domain credentials while doing that. My region2 credentials workted as much as they allowed me to select the Add button and list all domains when pressing on Locations. When I selected the region2 domain and tried to find my account it wasnt found. When I selected Advanced to display all available accounts none was shows and a message stated "The server is not operational"
          Last edited by yaro137; 2nd June 2015, 14:47.

          Comment


          • #6
            What DNS server(s) are configured on this new server? Can the new server resolve domain resources?

            Can you post an ipconfig /all and the IP addresses of your DNS servers and domain controllers?
            Regards,
            Jeremy

            Network Consultant/Engineer
            Baltimore - Washington area and beyond
            www.gma-cpa.com

            Comment


            • #7
              DNS was the first thing I checked and it looked all right. Just turned out that I could log on using [email protected] format but not region2.domain\account. Saying that after uninstalling RDS on that box I can log on using either format.

              Comment


              • #8
                Turned out a firewall rule needed to be added to allow traffice between the new server and a DC in region2. Not sure why as the domain trust should have taken care of authentication.

                Comment


                • #9
                  Thanks for sharing!
                  Regards,
                  Jeremy

                  Network Consultant/Engineer
                  Baltimore - Washington area and beyond
                  www.gma-cpa.com

                  Comment

                  Working...
                  X