Archived from groups: microsoft.public.windowsnt.domain (More info?)
Here is the setup:
Parent Domain Server (win 2000) in corporate office (10.0.1.X network)
Setting up new Child Domain server (win 2003) in remote office (172.16.2.X
network)
Remote office connected to corporate office through VPN (IPSec 3DES)
(Linksys VPN router to Cisco VPN concentrator)
From the remote network server, I can ping the corporate side machines and
DNS resolution is working for all servers throughout the network.
However, domain communications between the child and parent are not
functioning. The application log errors are "cannot bind to ourcompany.org
domain" and "Windows cannot query for the list of group objects".
I tested shares, and it seems that the child server can browse and see the
shares, but when I try to open a share I get "the share is not accessible"
and "the specified network name is no longer available".
Just to test, we put the child server on the same network as the parent,
and all worked perfectly, so at least we know the setup is ok. It just
doesn't communicate properly across the VPN.
I know there is an issue of Netbios across VPN's, but I made sure to setup
Netbios over TCP/IP which should take care of that.
Sniffer traces show traffic coming from and to each server on both sides of
the network, so communication itself is not an issue.
I am missing something else, and I do not know where else to look. Why
would everything else work except inter-domain trust communications?
Any ideas would be greatly appreciated.
Phil
Here is the setup:
Parent Domain Server (win 2000) in corporate office (10.0.1.X network)
Setting up new Child Domain server (win 2003) in remote office (172.16.2.X
network)
Remote office connected to corporate office through VPN (IPSec 3DES)
(Linksys VPN router to Cisco VPN concentrator)
From the remote network server, I can ping the corporate side machines and
DNS resolution is working for all servers throughout the network.
However, domain communications between the child and parent are not
functioning. The application log errors are "cannot bind to ourcompany.org
domain" and "Windows cannot query for the list of group objects".
I tested shares, and it seems that the child server can browse and see the
shares, but when I try to open a share I get "the share is not accessible"
and "the specified network name is no longer available".
Just to test, we put the child server on the same network as the parent,
and all worked perfectly, so at least we know the setup is ok. It just
doesn't communicate properly across the VPN.
I know there is an issue of Netbios across VPN's, but I made sure to setup
Netbios over TCP/IP which should take care of that.
Sniffer traces show traffic coming from and to each server on both sides of
the network, so communication itself is not an issue.
I am missing something else, and I do not know where else to look. Why
would everything else work except inter-domain trust communications?
Any ideas would be greatly appreciated.
Phil