forwarding broadcasting over a VPN
Posted by ARBO on December 11th, 2004


Hello all,

I have a Domain Trust problem,

Office 1 has a NT Domain Controller.

Office 2 has a 2000 Domain Controller (set to mix mode)

I have a VPN between offices (Cisco 2600 & PIX) that is working fine (ping
etc. works fine)

I have set up Domain trusts from Office 2 Win 2000 SP4,

but I cannot set up trusted Domain from Office 1 (NT) have set up trusting.

The error I get is "Could not find domain controller for this domain"

Looked at Microsoft TechNet error = Win not replicating.

But my thoughts are that the routers are not forwarding broadcasting over
the VPN

And I need a DHCP relay agent to forward NETBIOS and WINS over TCP/IP

Is this right?

Thank you

Tony T


Posted by PES on December 11th, 2004


ARBO wrote:
If you utilize a WINS naming server, you do not need to forward
broadcasts. To get it working properly, you may also just want to point
both servers to the same server with WINS installed until you can get a
second one set up and replicate the WINS database. Also, even with
IPSEC, you should be able to turn a broadcast into a directional
broadcast or at least a unicast on the LAN side with the ip helper
address command on the inside of your source.


--
-------------------------
Paul Stewart
Lexnet Inc.
Email address is in ROT13

Posted by ARBO on December 11th, 2004





"PES" <crfgrjneg@nqrycuvn.arg> wrote in message
news:41bb599d$1_1@news.iglou.com...

Thanks Paul,
When I point the WINS server that's the NT Domain to the 2000 Domain, then I
get the error
"Could not find domain controller for this domain"
But I can see the WINS data on the NT PDC from the 2000 PDC.
The 2000 Domain has been set-up as so the NT Domain is trusted and
trusting, and WINS has been set as push pull H node 0x8.
So when I got the error "Could not find domain controller for this domain"
it made me think of broadcasting. When you point the NT Domain to the 2000
Domain, how does it get that info, is it by broadcasting or from WINS, DNS,
or NetBIOS?
Much appreciate the help.
Tony T



Posted by PES on December 11th, 2004


ARBO wrote:
This is actually probably better posted to a MS newsgroup. To answer
your question, it depends on the version of Windows and NetBIOS node
type. In most cases you would want to configure this to WINS first then
broadcast if you are connecting to machines on the other end of a WAN or
VPN. Evidently, the domain controller has not registered itself and
its service type in the WINS database that the machine that is giving
you the error is pointing to. If a WINS server is configured, it will
be consulted at some point, the timing depends on the node type. I'm
not intimately familiar enough with this to give you a packet level
example of what is going on. However, I have deployed several of these
and haven't had a huge amount of issues.

--
-------------------------
Paul Stewart
Lexnet Inc.
Email address is in ROT13
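
A packet-level illustration of the lookup discussed above, added here as an example and not part of any poster's message: it builds the RFC 1002 NetBIOS name query for a domain's `<1B>` (PDC) and `<1C>` (domain controllers) names, once as a unicast query to a WINS server and once as a local broadcast. The domain name `OFFICE2` and the transaction ID are constructed sample values.

```python
import struct

# NetBIOS 16th-byte suffixes used when locating a domain controller.
SUFFIX_PDC = 0x1B   # DOMAIN<1B>: registered by the PDC (domain master browser)
SUFFIX_DCS = 0x1C   # DOMAIN<1C>: group name listing the domain's controllers
FLAG_RD = 0x0100    # recursion desired, set on name queries
FLAG_B = 0x0010     # broadcast flag: set for b-node queries, clear for WINS

def encode_name(name, suffix):
    """RFC 1001 first-level encoding: 15 padded chars + suffix, one letter per nibble."""
    if len(name) > 15:
        raise ValueError("NetBIOS names are at most 15 characters")
    raw = name.upper().ljust(15).encode("ascii") + bytes([suffix])
    out = bytearray()
    for b in raw:
        out += bytes([0x41 + (b >> 4), 0x41 + (b & 0x0F)])
    return bytes(out)

def decode_name(encoded):
    """Inverse of encode_name: returns (name, suffix)."""
    raw = bytes(((encoded[i] - 0x41) << 4) | (encoded[i + 1] - 0x41)
                for i in range(0, 32, 2))
    return raw[:15].decode("ascii").rstrip(), raw[15]

def build_query(name, suffix, txid, broadcast):
    """NAME QUERY REQUEST: 12-byte header plus one question (QTYPE NB, QCLASS IN)."""
    flags = FLAG_RD | (FLAG_B if broadcast else 0)
    header = struct.pack(">HHHHHH", txid, flags, 1, 0, 0, 0)
    question = (b"\x20" + encode_name(name, suffix) + b"\x00"
                + struct.pack(">HH", 0x0020, 0x0001))
    return header + question

def is_broadcast_query(packet):
    """True if the packet would only be answered on the local segment."""
    (flags,) = struct.unpack(">H", packet[2:4])
    return bool(flags & FLAG_B)

if __name__ == "__main__":
    # Constructed sample: domain "OFFICE2", transaction ID 0x1234.
    for label, bcast in (("unicast to WINS (UDP/137)", False),
                         ("local broadcast (UDP/137)", True)):
        pkt = build_query("OFFICE2", SUFFIX_PDC, 0x1234, bcast)
        print(label, decode_name(pkt[13:45]), pkt.hex())
```

Only the unicast form is routed across the VPN; the broadcast form stays on the sender's subnet, so the lookup succeeds only if the remote domain controller's `<1B>`/`<1C>` records exist in the WINS database being queried.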

Posted by Joe Beasley on December 14th, 2004


You must use a WINS server on one (or both) of the networks. Your clients
and servers must use this WINS server in their TCP/IP settings.

If you use a WINS server at both sites, set up WINS replication between them
and let the clients at each site use the local WINS server.
