HPE Community
Windows Server 2003
1847080 Members
4835 Online
110262 Solutions
New Discussion

Re: Trust nt vs win 2003

 
Alberto Mendoza
Advisor

‎09-02-2005 03:45 AM

‎09-02-2005 03:45 AM

Trust nt vs win 2003

Hi

I have the following message of error when creating the trust between NT and 2003: "The local security authority is unable to obtain an RPC connection to the domain controller SERVERNT. Please check that the name can be resolved and that the server is available"

When creating the trust in NT is satisfactory, and in 20003 it swhows the error message.

Thanks

0 Kudos
9 REPLIES 9
Ivan Ferreira
Honored Contributor

‎09-02-2005 04:31 AM

‎09-02-2005 04:31 AM

Re: Trust nt vs win 2003

You may need to configure a Authoritative DNS server for the NT4 domain.

After that, configure the DNS server for the 2003 domain to use the NT4 DNS server as forwarder.

You must create an "External trust relationship".
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Jon Finley
Honored Contributor

‎09-02-2005 04:36 AM

‎09-02-2005 04:36 AM

Re: Trust nt vs win 2003

You could also set up the lmhosts file on each server so that you can establish the secure channel connection and trust.

http://support.microsoft.com/default.aspx?scid=kb;en-us;197808

lmhosts
http://support.microsoft.com/kb/180094/EN-US/

Trust
http://support.microsoft.com/default.aspx?scid=kb;en-us;308195

Jon
"Do or do not. There is no try!" - Yoda
0 Kudos
Alberto Mendoza
Advisor

‎09-02-2005 09:33 AM

‎09-02-2005 09:33 AM

Re: Trust nt vs win 2003

I have made these points of the links of microsoft and follows the same error.


Thanks
0 Kudos
Paul Nunez
Respected Contributor

‎09-03-2005 01:12 AM

‎09-03-2005 01:12 AM

Re: Trust nt vs win 2003

Hi Alberto,

How current is the NT system in regards to security updates? Some RPC calls have been modified to improve security and require updates on most MS O/Ses.

Paul
0 Kudos
Alberto Mendoza
Advisor

‎09-06-2005 07:13 AM

‎09-06-2005 07:13 AM

Re: Trust nt vs win 2003

Hi.

The service RPC is automatic and started with the account of local system, this is in the Windows Server 2003.

In others servers the service RPC is automatic and started with the account "AUTHORITY\NetworkService".

I cannot modify the options of the service RPC, and I cannot stop or reinitiate this service


Thanks
0 Kudos
Ivan Ferreira
Honored Contributor

‎09-06-2005 08:04 AM

‎09-06-2005 08:04 AM

Re: Trust nt vs win 2003

This must be a name resolution problem, see:

http://support.microsoft.com/default.aspx?scid=kb;en-us;325874

Section Troubleshooting.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Paul Nunez
Respected Contributor

‎03-21-2006 03:10 AM

‎03-21-2006 03:10 AM

Re: Trust nt vs win 2003

Hi,

Did anyone ever figure this one out? I'm seeing it now when attempting to establish a trust to a domain with either an NTv4 SP6(+all available security patches) PDC or an Advanced Server v7.3A ECO4 (+RPC patch) PDC.
I can avoid the error in one of two ways:

1. From the W2K3 SP1 DC map a drive to the PDC of the other domain as an administrator of that domain (using any admin account).

2. Have identically named admin accounts in both domains which have identical passwords and use that account on the W2K3 SP1 DC to create the trust.

Thanks,

Paul
0 Kudos
randrew
New Member

‎04-11-2006 10:50 PM

‎04-11-2006 10:50 PM

Re: Trust nt vs win 2003

The problem with this error can range from different sources, but have seen it come up anytime you try to create trust between windows 2003 AD an an NT 4 domain.
The problem arises when you try to create trust between the 2 domain and the NT4 side of the trust is already in place.

To resolve this error, delete the trust from the NT4 side, and start the creation of trust from the windows 2003 AD.

I have seen this error somany times and the only solution that have worked all the time is to delete the trust from the NT 4 domain and start from the AD
0 Kudos
Paul Nunez
Respected Contributor

‎04-12-2006 01:22 AM

‎04-12-2006 01:22 AM

Re: Trust nt vs win 2003

Hi,

Well, unfortunately that doesn't work for me. I get the same error regardless of whether the other side of the trust exists or not.

In a trace I can see the W2K3 server never attempts to establish an anonymous session with the NT or Advanced Server PDC.

It tries using the credentials I've used to login to the W2K3 system (which is why it works when you have the same named account with identical passwords in both domains).

Or if you have an existing session from the w2k3 server to the NT or Advanced Server PDC (i.e, a mapped drive) using an administrator account in the NT or Advanced Server domain, it piggybacks on that session.

But the big difference when it works and doesn't is the presence of an anonymous session setup request from the W2K3 server.

So anyone know why a W2K3 server wouldn't attempt an _outbound_ anonymous session?

Regards,


Paul
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.