Trust problem

Discussion in 'MCSE' started by Lazyadmin, Jan 1, 2004.

  1. Lazyadmin

    Lazyadmin Guest

    Following the guides in my MS Press book (Upgrading your Certification to
    Windows 2003) on creating a cross forest trust with Windows 2003.

    I have raised the domain level and forest levels to Windows Server 2003,
    rebooted yet when I try to create any kind of trust i get an error message:

    The operation failed. The error is: This operation cannot be performed on
    the current domain.

    I have tried domain, forest, one way in/ou, and am at a loss. Both servers
    are on the same subnet, same ip range, i can ping DNS and IP. Only one
    account on each server, it has full admin rights to everything. Nothing
    shows up in event viewer and the rather generic error message is of no help.

    Any suggestion?

    Thanks


    Happy New Year!

    Rod
     
    Lazyadmin, Jan 1, 2004
    #1
    1. Advertising

  2. Lazyadmin

    Lazyadmin Guest

    Update, i can create Realm trusts, but no others. The battle
    continues........


    "Lazyadmin" <> wrote in message
    news:...
    > Following the guides in my MS Press book (Upgrading your Certification to
    > Windows 2003) on creating a cross forest trust with Windows 2003.
    >
    > I have raised the domain level and forest levels to Windows Server 2003,
    > rebooted yet when I try to create any kind of trust i get an error

    message:
    >
    > The operation failed. The error is: This operation cannot be performed on
    > the current domain.
    >
    > I have tried domain, forest, one way in/ou, and am at a loss. Both

    servers
    > are on the same subnet, same ip range, i can ping DNS and IP. Only one
    > account on each server, it has full admin rights to everything. Nothing
    > shows up in event viewer and the rather generic error message is of no

    help.
    >
    > Any suggestion?
    >
    > Thanks
    >
    >
    > Happy New Year!
    >
    > Rod
    >
    >
    >
    >
     
    Lazyadmin, Jan 1, 2004
    #2
    1. Advertising

  3. Lazyadmin

    someguy Guest

    Whats Event View say?
     
    someguy, Jan 2, 2004
    #3
  4. Lazyadmin

    Ya! Guest

    I smell a RELOAD coming on!!!!


    >-----Original Message-----
    >Following the guides in my MS Press book (Upgrading your

    Certification to
    >Windows 2003) on creating a cross forest trust with

    Windows 2003.
    >
    >I have raised the domain level and forest levels to

    Windows Server 2003,
    >rebooted yet when I try to create any kind of trust i get

    an error message:
    >
    >The operation failed. The error is: This operation cannot

    be performed on
    >the current domain.
    >
    >I have tried domain, forest, one way in/ou, and am at a

    loss. Both servers
    >are on the same subnet, same ip range, i can ping DNS and

    IP. Only one
    >account on each server, it has full admin rights to

    everything. Nothing
    >shows up in event viewer and the rather generic error

    message is of no help.
    >
    >Any suggestion?
    >
    >Thanks
    >
    >
    >Happy New Year!
    >
    >Rod
    >
    >
    >
    >
    >.
    >
     
    Ya!, Jan 2, 2004
    #4
  5. Lazyadmin

    Lazyadmin Guest

    Thats the weird part, nothing! I have managed to get Realm trusts working,
    but thats it.


    "someguy" <> wrote in message
    news:073501c3d145$49a67460$...
    > Whats Event View say?
     
    Lazyadmin, Jan 2, 2004
    #5
  6. Lazyadmin

    Lazyadmin Guest

    Did you get that from The Idiots Guide to Windows Server Repair or think of
    that all by yourself :)


    "Ya!" <> wrote in message
    news:009201c3d14b$2c80b250$...
    > I smell a RELOAD coming on!!!!
    >
    >
    > >-----Original Message-----
    > >Following the guides in my MS Press book (Upgrading your

    > Certification to
    > >Windows 2003) on creating a cross forest trust with

    > Windows 2003.
    > >
    > >I have raised the domain level and forest levels to

    > Windows Server 2003,
    > >rebooted yet when I try to create any kind of trust i get

    > an error message:
    > >
    > >The operation failed. The error is: This operation cannot

    > be performed on
    > >the current domain.
    > >
    > >I have tried domain, forest, one way in/ou, and am at a

    > loss. Both servers
    > >are on the same subnet, same ip range, i can ping DNS and

    > IP. Only one
    > >account on each server, it has full admin rights to

    > everything. Nothing
    > >shows up in event viewer and the rather generic error

    > message is of no help.
    > >
    > >Any suggestion?
    > >
    > >Thanks
    > >
    > >
    > >Happy New Year!
    > >
    > >Rod
    > >
    > >
    > >
    > >
    > >.
    > >
     
    Lazyadmin, Jan 2, 2004
    #6
  7. Lazyadmin

    Consultant Guest

    he/she may have written the book

    "Lazyadmin" <> wrote in message
    news:...
    > Did you get that from The Idiots Guide to Windows Server Repair or think

    of
    > that all by yourself :)
    >
    >
    > "Ya!" <> wrote in message
    > news:009201c3d14b$2c80b250$...
    > > I smell a RELOAD coming on!!!!
    > >
    > >
    > > >-----Original Message-----
    > > >Following the guides in my MS Press book (Upgrading your

    > > Certification to
    > > >Windows 2003) on creating a cross forest trust with

    > > Windows 2003.
    > > >
    > > >I have raised the domain level and forest levels to

    > > Windows Server 2003,
    > > >rebooted yet when I try to create any kind of trust i get

    > > an error message:
    > > >
    > > >The operation failed. The error is: This operation cannot

    > > be performed on
    > > >the current domain.
    > > >
    > > >I have tried domain, forest, one way in/ou, and am at a

    > > loss. Both servers
    > > >are on the same subnet, same ip range, i can ping DNS and

    > > IP. Only one
    > > >account on each server, it has full admin rights to

    > > everything. Nothing
    > > >shows up in event viewer and the rather generic error

    > > message is of no help.
    > > >
    > > >Any suggestion?
    > > >
    > > >Thanks
    > > >
    > > >
    > > >Happy New Year!
    > > >
    > > >Rod
    > > >
    > > >
    > > >
    > > >
    > > >.
    > > >

    >
    >
     
    Consultant, Jan 2, 2004
    #7
  8. On Thu, 1 Jan 2004 16:14:20 -0600, "Lazyadmin" <> wrote:

    >Following the guides in my MS Press book (Upgrading your Certification to
    >Windows 2003) on creating a cross forest trust with Windows 2003.
    >
    >I have raised the domain level and forest levels to Windows Server 2003,
    >rebooted yet when I try to create any kind of trust i get an error message:
    >
    >The operation failed. The error is: This operation cannot be performed on
    >the current domain.
    >
    >I have tried domain, forest, one way in/ou, and am at a loss. Both servers
    >are on the same subnet, same ip range, i can ping DNS and IP. Only one
    >account on each server, it has full admin rights to everything. Nothing
    >shows up in event viewer and the rather generic error message is of no help.
    >
    >Any suggestion?
    >
    >Thanks
    >
    >
    >Happy New Year!
    >
    >Rod
    >
    >
    >

    Is the other domain 2000 mixed mode perchance ? or even more likely
    NT4? - if it is ...
     
    Marlin (the PFY) Munrow - Remove Vroomfondle to em, Jan 2, 2004
    #8
  9. Lazyadmin

    Lazyadmin Guest

    No all 2003 Enterprise, raised domain and forest to Windows 2003 level.


    "Marlin (the PFY) Munrow - Remove Vroomfondle to email me"
    <> wrote in message
    news:...
    >
    >
    > On Thu, 1 Jan 2004 16:14:20 -0600, "Lazyadmin" <> wrote:
    >
    > >Following the guides in my MS Press book (Upgrading your Certification to
    > >Windows 2003) on creating a cross forest trust with Windows 2003.
    > >
    > >I have raised the domain level and forest levels to Windows Server 2003,
    > >rebooted yet when I try to create any kind of trust i get an error

    message:
    > >
    > >The operation failed. The error is: This operation cannot be performed on
    > >the current domain.
    > >
    > >I have tried domain, forest, one way in/ou, and am at a loss. Both

    servers
    > >are on the same subnet, same ip range, i can ping DNS and IP. Only one
    > >account on each server, it has full admin rights to everything. Nothing
    > >shows up in event viewer and the rather generic error message is of no

    help.
    > >
    > >Any suggestion?
    > >
    > >Thanks
    > >
    > >
    > >Happy New Year!
    > >
    > >Rod
    > >
    > >
    > >

    > Is the other domain 2000 mixed mode perchance ? or even more likely
    > NT4? - if it is ...
    >
    >
     
    Lazyadmin, Jan 3, 2004
    #9
  10. Lazyadmin

    MikeF Guest

    Here are a few guesses re. things to check. Probably all off the mark
    but might trigger a thought:

    1. could it have needed a "prep" tool to be run that you might have
    forgot?
    2. are there any replication problems between the servers? / have they
    had time to replicate?
    3. same subnet = same site. could this be confusing windows? i don't
    think it should, but.....
    4. seems possible that the raising of the domains to 2003 did not
    "take" for some reason.....
    5. DNS complete and okay?

    Good Luck! Let us know the answer when you figure it out.

    Mike

    Lazyadmin" <> wrote in message
    news:OyU3U$...
    > No all 2003 Enterprise, raised domain and forest to Windows 2003

    level.
    >
    >
    > "Marlin (the PFY) Munrow - Remove Vroomfondle to email me"
    > <> wrote in message
    > news:...
    > >
    > >
    > > On Thu, 1 Jan 2004 16:14:20 -0600, "Lazyadmin" <>

    wrote:
    > >
    > > >Following the guides in my MS Press book (Upgrading your

    Certification to
    > > >Windows 2003) on creating a cross forest trust with Windows 2003.
    > > >
    > > >I have raised the domain level and forest levels to Windows

    Server 2003,
    > > >rebooted yet when I try to create any kind of trust i get an

    error
    > message:
    > > >
    > > >The operation failed. The error is: This operation cannot be

    performed on
    > > >the current domain.
    > > >
    > > >I have tried domain, forest, one way in/ou, and am at a loss.

    Both
    > servers
    > > >are on the same subnet, same ip range, i can ping DNS and IP.

    Only one
    > > >account on each server, it has full admin rights to everything.

    Nothing
    > > >shows up in event viewer and the rather generic error message is

    of no
    > help.
    > > >
    > > >Any suggestion?
    > > >
    > > >Thanks
    > > >
    > > >
    > > >Happy New Year!
    > > >
    > > >Rod
    > > >
    > > >
    > > >

    > > Is the other domain 2000 mixed mode perchance ? or even more

    likely
    > > NT4? - if it is ...
    > >
    > >

    >
    >
     
    MikeF, Jan 3, 2004
    #10
  11. Lazyadmin

    Lazyadmin Guest

    Well i got it to work and i think i know what the problem is/was.

    This is a test lab i got 3 identical PCs. Installed it on the first and
    ghosted it to the other one, and made the necessary changes and then
    DCPromo'd them in their respective forest/domains. I think maye this caused
    some issues because when i brought another DC online for a third forest
    (with a fresh install) I am able to create a forest trust between the two
    forests created from fresh installs. The ghosted install still does not
    work. So I wiped the ghosted install and installed a fresh DC in a new
    forest/domain and can create forest trusts.

    Thats what you get for taking shortcuts I guess. Figured I would save some
    time over installing it on these PIII 500's :)

    Rod


    "MikeF" <> wrote in message
    news:...
    > Here are a few guesses re. things to check. Probably all off the mark
    > but might trigger a thought:
    >
    > 1. could it have needed a "prep" tool to be run that you might have
    > forgot?
    > 2. are there any replication problems between the servers? / have they
    > had time to replicate?
    > 3. same subnet = same site. could this be confusing windows? i don't
    > think it should, but.....
    > 4. seems possible that the raising of the domains to 2003 did not
    > "take" for some reason.....
    > 5. DNS complete and okay?
    >
    > Good Luck! Let us know the answer when you figure it out.
    >
    > Mike
    >
    > Lazyadmin" <> wrote in message
    > news:OyU3U$...
    > > No all 2003 Enterprise, raised domain and forest to Windows 2003

    > level.
    > >
    > >
    > > "Marlin (the PFY) Munrow - Remove Vroomfondle to email me"
    > > <> wrote in message
    > > news:...
    > > >
    > > >
    > > > On Thu, 1 Jan 2004 16:14:20 -0600, "Lazyadmin" <>

    > wrote:
    > > >
    > > > >Following the guides in my MS Press book (Upgrading your

    > Certification to
    > > > >Windows 2003) on creating a cross forest trust with Windows 2003.
    > > > >
    > > > >I have raised the domain level and forest levels to Windows

    > Server 2003,
    > > > >rebooted yet when I try to create any kind of trust i get an

    > error
    > > message:
    > > > >
    > > > >The operation failed. The error is: This operation cannot be

    > performed on
    > > > >the current domain.
    > > > >
    > > > >I have tried domain, forest, one way in/ou, and am at a loss.

    > Both
    > > servers
    > > > >are on the same subnet, same ip range, i can ping DNS and IP.

    > Only one
    > > > >account on each server, it has full admin rights to everything.

    > Nothing
    > > > >shows up in event viewer and the rather generic error message is

    > of no
    > > help.
    > > > >
    > > > >Any suggestion?
    > > > >
    > > > >Thanks
    > > > >
    > > > >
    > > > >Happy New Year!
    > > > >
    > > > >Rod
    > > > >
    > > > >
    > > > >
    > > > Is the other domain 2000 mixed mode perchance ? or even more

    > likely
    > > > NT4? - if it is ...
    > > >
    > > >

    > >
    > >

    >
    >
     
    Lazyadmin, Jan 3, 2004
    #11
  12. On Fri, 2 Jan 2004 18:23:35 -0600, "Lazyadmin" <> wrote:

    >No all 2003 Enterprise, raised domain and forest to Windows 2003 level.
    >
    >
    >"Marlin (the PFY) Munrow - Remove Vroomfondle to email me"
    ><> wrote in message
    >news:...
    >>
    >>
    >> On Thu, 1 Jan 2004 16:14:20 -0600, "Lazyadmin" <> wrote:
    >>
    >> >Following the guides in my MS Press book (Upgrading your Certification to
    >> >Windows 2003) on creating a cross forest trust with Windows 2003.
    >> >
    >> >I have raised the domain level and forest levels to Windows Server 2003,
    >> >rebooted yet when I try to create any kind of trust i get an error

    >message:
    >> >
    >> >The operation failed. The error is: This operation cannot be performed on
    >> >the current domain.
    >> >
    >> >I have tried domain, forest, one way in/ou, and am at a loss. Both

    >servers
    >> >are on the same subnet, same ip range, i can ping DNS and IP. Only one
    >> >account on each server, it has full admin rights to everything. Nothing
    >> >shows up in event viewer and the rather generic error message is of no

    >help.
    >> >
    >> >Any suggestion?
    >> >
    >> >Thanks
    >> >
    >> >
    >> >Happy New Year!
    >> >
    >> >Rod
    >> >
    >> >
    >> >

    >> Is the other domain 2000 mixed mode perchance ? or even more likely
    >> NT4? - if it is ...
    >>
    >>

    >

    Bang goes another guess...


    +++++++++++++++++++++++++++++++++++++++++++
    "We require rigidly defined areas of
    doubt and uncertainty!"

    Remove Vroomfondle to email me.
    +++++++++++++++++++++++++++++++++++++++++++
     
    Marlin (the PFY) Munrow - Remove Vroomfondle to em, Jan 3, 2004
    #12
  13. On Sat, 3 Jan 2004 12:19:24 -0600, "Lazyadmin" <> wrote:

    >Well i got it to work and i think i know what the problem is/was.
    >
    >This is a test lab i got 3 identical PCs. Installed it on the first and
    >ghosted it to the other one, and made the necessary changes and then
    >DCPromo'd them in their respective forest/domains. I think maye this caused
    >some issues because when i brought another DC online for a third forest
    >(with a fresh install) I am able to create a forest trust between the two
    >forests created from fresh installs. The ghosted install still does not
    >work. So I wiped the ghosted install and installed a fresh DC in a new
    >forest/domain and can create forest trusts.
    >
    >Thats what you get for taking shortcuts I guess. Figured I would save some
    >time over installing it on these PIII 500's :)
    >
    >Rod
    >
    >
    >"MikeF" <> wrote in message
    >news:...
    >> Here are a few guesses re. things to check. Probably all off the mark
    >> but might trigger a thought:
    >>
    >> 1. could it have needed a "prep" tool to be run that you might have
    >> forgot?
    >> 2. are there any replication problems between the servers? / have they
    >> had time to replicate?
    >> 3. same subnet = same site. could this be confusing windows? i don't
    >> think it should, but.....
    >> 4. seems possible that the raising of the domains to 2003 did not
    >> "take" for some reason.....
    >> 5. DNS complete and okay?
    >>
    >> Good Luck! Let us know the answer when you figure it out.
    >>
    >> Mike
    >>
    >> Lazyadmin" <> wrote in message
    >> news:OyU3U$...
    >> > No all 2003 Enterprise, raised domain and forest to Windows 2003

    >> level.
    >> >
    >> >
    >> > "Marlin (the PFY) Munrow - Remove Vroomfondle to email me"
    >> > <> wrote in message
    >> > news:...
    >> > >
    >> > >
    >> > > On Thu, 1 Jan 2004 16:14:20 -0600, "Lazyadmin" <>

    >> wrote:
    >> > >
    >> > > >Following the guides in my MS Press book (Upgrading your

    >> Certification to
    >> > > >Windows 2003) on creating a cross forest trust with Windows 2003.
    >> > > >
    >> > > >I have raised the domain level and forest levels to Windows

    >> Server 2003,
    >> > > >rebooted yet when I try to create any kind of trust i get an

    >> error
    >> > message:
    >> > > >
    >> > > >The operation failed. The error is: This operation cannot be

    >> performed on
    >> > > >the current domain.
    >> > > >
    >> > > >I have tried domain, forest, one way in/ou, and am at a loss.

    >> Both
    >> > servers
    >> > > >are on the same subnet, same ip range, i can ping DNS and IP.

    >> Only one
    >> > > >account on each server, it has full admin rights to everything.

    >> Nothing
    >> > > >shows up in event viewer and the rather generic error message is

    >> of no
    >> > help.
    >> > > >
    >> > > >Any suggestion?
    >> > > >
    >> > > >Thanks
    >> > > >
    >> > > >
    >> > > >Happy New Year!
    >> > > >
    >> > > >Rod
    >> > > >
    >> > > >
    >> > > >
    >> > > Is the other domain 2000 mixed mode perchance ? or even more

    >> likely
    >> > > NT4? - if it is ...
    >> > >
    >> > >
    >> >
    >> >

    >>
    >>

    >

    3 ghosts turned into DCs *would* cause issues

    good catch all the same
    +++++++++++++++++++++++++++++++++++++++++++
    "We require rigidly defined areas of
    doubt and uncertainty!"

    Remove Vroomfondle to email me.
    +++++++++++++++++++++++++++++++++++++++++++
     
    Marlin (the PFY) Munrow - Remove Vroomfondle to em, Jan 3, 2004
    #13
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?TGVl?=

    Trust certificate window

    =?Utf-8?B?TGVl?=, Feb 1, 2005, in forum: Microsoft Certification
    Replies:
    0
    Views:
    418
    =?Utf-8?B?TGVl?=
    Feb 1, 2005
  2. zher
    Replies:
    2
    Views:
    412
    Brad Reese
    Nov 20, 2004
  3. Charlie
    Replies:
    8
    Views:
    438
    Charlie
    Dec 2, 2003
  4. Kenan

    Domain trust problem

    Kenan, Jul 17, 2003, in forum: MCSE
    Replies:
    7
    Views:
    4,517
    billyw
    Jul 17, 2003
  5. Len Brauer

    e-trust set up problem

    Len Brauer, May 26, 2005, in forum: Computer Information
    Replies:
    0
    Views:
    362
    Len Brauer
    May 26, 2005
Loading...

Share This Page