Problem of doing trust relationship

[Keith]

Hi,

I got the error message 'non-Windows Kerberos Domain...'
when doing trust relationship between two domains.

The servers settings are:

1. Two domain controllers (A & B) and they are in
different forest (test1.com & test2.com.hk)
2. Domain controller A is in the network '192.168.20.0/24'
while Domain controller B is in the
network '192.168.21.0/24'

Thanks,

Keith

 

[Shawn Rabourn \(MS\)]

I bet Netbios over TCP/IP is not enabled on one of the DC's

Check that setting and get back to us


--Shawn
This posting is provided "AS IS" with no warranties and confers no rights.

 

[Herb Martin]

Do you happen to have the list of all the little (including oddball)
places where NetBIOS name are still required or helpful in Win2003?

 

[Keith]

It's been enabled already. I would mention one thing here
is I could do one-way external trust when I'd put them
into the same subnet (e.g. 192.168.20.0/24). I couldn't do
that when they were in different subnet.

Pls also note that both domain controllers are windows
2000 server platform.

Thanks,

Keith

 

[Shawn Rabourn \(MS\)]

What happens when you use netdom to create the trust?

Break any pieces of the trust and run the following command (from domainA):

NETDOM TRUST /d:domainB domainA /ADD /TWOWAY /Ud:domainB\administrator /Pd:*



--Shawn
This posting is provided "AS IS" with no warranties and confers no rights.

 

[Herb Martin]

It's been enabled already. I would mention one thing here

is I could do one-way external trust when I'd put them
into the same subnet (e.g. 192.168.20.0/24). I couldn't do
that when they were in different subnet.

Strong indication of NetBIOS problem -- do you have a WINS
server where BOTH DCs are registered?

 

[Shawn Rabourn \(MS\)]

Herb brings up a good point, W2k - W2K trusts do use netBIOS and not DNS.

--Shawn
This posting is provided "AS IS" with no warranties and confers no rights.

 

[Herb Martin]

If you know anyone who has a (close to) full list of the features that
require (or truly benefit) from NetBIOS in Win2000/Win2003 I w
would LOVE a reference.

(Usually I can find anything at Microsoft, but so far this list escapes my
google searching talents. <grin>)

 

[Keith]

Hi Herb,

You are right! It works on my testing environment and I'll
try it on my production. BTW, do you know how to correct
the name of DHCP server on the DHCP MMC since it always
used incorrect name.

Thanks,

Keith

 

[Herb Martin]

You are right! It works on my testing environment and I'll

try it on my production. BTW, do you know how to correct
the name of DHCP server on the DHCP MMC since it always
used incorrect name.

What do you mean "incorrect name" -- generally you can add ANY
DHCP server to the DHCP console by either NetBIOS or DNS
name, or even by IP address.

It's just cosmetic so remove and re-add it.