+ Reply to Thread
Results 1 to 3 of 3

Thread: Derp?

  1. Member maelstrom3530's Avatar
    Join Date
    Dec 2014
    Location
    NC
    Posts
    40

    Certifications
    A+, N+, S+, CCNA R&S, MCP, MCSA: Win7 / 2012R2, MCITP: EDST, MCTS: 70-640, A.A.S. Network Administration and Support
    #1

    Default Derp?

    Doing an AD lab. I set up a trust between two domains yesterday. Worked fine. I even shared some folders from one domain to another.

    I removed the trust and attempted to create a new trust. Now I can't validate the trust, nor can I browse the "remote" DC when granting permissions on a shared resource

    I did have some old IP entries in DNS, but I cleared those out and flushed all cache. Now DNS seems okay. 3 DC's on one side and 1 DC on the other. All DC's are online. nslookup shows correct IP addresses all around.

    Contoso.com - (I did at one time have these subnetted, but they're all /24 now and on the same VLAN.)
    ------------
    hq.contoso.com - 192.168.100.105
    west.contoso.com - 192.168.100.106
    eng.contoso.com - 192.168.100.193

    Blackstone.net
    --------------
    hq.blackstone.net - 192.168.100.200

    Running nslookup on Blackstone.net - $> "nslookup contoso.com"
    Gives correct IP addresses but all 3 are "non-authoritative" answers.

    When I try to validate the trust, the error I receive on both ends says:

    "The secure channel (SC) reset on Active Directory Domain Controller ... failed with error: There are currently no logon servers available to service the logon request."

    In writing this I found the solution. HQ cannot be used for the machine name for both domain controllers. Renamed HQ.BLACKSTONE.NET to SERV01.BLACKSTONE.NET and all is well. I did have to reset the trust password between Blackstone.net over to WEST.CONTOSO.COM since WEST is also a DC in the same site as CONTOSO. (Eng is in a different site, I guess that's why BLACKSTONE.NET didn't need to validate a trust relationship with ENG.

    ANYWAYS tl'dr: nevermind, I fixed it. Hope this helps another person somewhere along the way!

    BACK TO THE LAB!
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member Chev Chellios's Avatar
    Join Date
    Jan 2013
    Location
    UK
    Posts
    336

    Certifications
    MCP, MCDST, CCNSP, ITIL Foundation, working towards CCENT/CCNA
    #2
    Hey man- that could be very helpful to others. Which MS 2008 exam you going for out of interest, the AD one?
    Reply With Quote Quote  

  4. Member maelstrom3530's Avatar
    Join Date
    Dec 2014
    Location
    NC
    Posts
    40

    Certifications
    A+, N+, S+, CCNA R&S, MCP, MCSA: Win7 / 2012R2, MCITP: EDST, MCTS: 70-640, A.A.S. Network Administration and Support
    #3
    Yeah its the 70-640.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks