Domain Trust between w2k und 2003 domain

[Daniel]

Hi

I have a problem creating a domain trust between an windows 2000 AD
and a windows 2003 AD.

I ve setup DNS on each side to have a secondy dns of the other domain.
pinging each side the other works also. they re not on the same lan,
but this should not be the problem.

On the win2003 side the trust creation seems to work. On the w2k side
it claims that the remote pdc is not responding.

I found an old nt4 tool LNTEST on my nt resource cd and checked if
I can "see" the PDC on each side ( nltest /dcname:w2kdomain ) . On the
win2003 side it works. On the w2k side it works for itself but not for
the win2003 ad. Error is:
NetGetDCName failed: Status = 2453 0x995 NERR_DCNotFound

I think the problem must be somewhere on the w2k side, but I don t
know where.

I also tried to to fill lmhosts like in good old days but this helped
me neither.

perhaps you can give me a hand where i can start searching again.

Thanks

Daniel Herren

 

[Ryan Hanisco]

If the LMHOSTS didn't work then you really need to look at your DNS and your
PDC Emulator. Either it can't find it, or its not responding. Look at
DCDIAG to check the health of the services.

You did mention that they are on different networks. Are there ACLs
governing what kinds of traffic can pass between networks on your routers,
switches, or VLANs? Something like that could explain a one-way problem as
well.

Did your secondary DNS populate correctly? Can you use the authoritative DNS
in the other network for the lookup of the domain rather than the secondary?

 

[Daniel]

On Mon, 3 Jan 2005 11:08:01 -0600, "Ryan Hanisco"

Hi Ryan

Thanks for your help. I tried to answer directly in your message.
Have a nice afternoon

Daniel

If the LMHOSTS didn't work then you really need to look at your DNS and your
PDC Emulator. Either it can't find it, or its not responding. Look at
DCDIAG to check the health of the services.

Oups- what is dcdiag. where can i find it?

You did mention that they are on different networks. Are there ACLs
governing what kinds of traffic can pass between networks on your routers,
switches, or VLANs? Something like that could explain a one-way problem as
well.

Yes, we have a leased line between the two nets and it should me fully
transparent as per our provider. Drive mapping from server/pc in one
net to the other works also fine

Did your secondary DNS populate correctly? Can you use the authoritative DNS
in the other network for the lookup of the domain rather than the secondary?

If I start my pc in the morning, the ip address and pcname shows in
dns on my win2003 and w2k machine. If I do manual entries in the dns
just for fun, they also appear in dns of the w2k.

 

[Daniel]

Found the dcdiag_setup.exe on ms.com - will check it.

Thx again

Daniel