Problem when Create a Two-Way, Forest Trust for Both Sides of the Trust + windows 2008 R2
-
Sunday, November 18, 2012 2:29 PM
-
Hi,
I have two different forest with 2 different domains . 1st one called ecclab.local and 2nd called odyssey.com,there is no shared root DNS server and the root DNS servers for each forest DNS namespace are running Windows Server 2008 R2 so i configured DNS conditional forwarders in each DNS namespace to route queries for names in the other namespace as in following articlehttp://technet.microsoft.com/en-us/library/cc816810(v=ws.10).aspx.
After make conditional forward we folow the steps in this article http://technet.microsoft.com/en-us/library/cc816590(v=ws.10).aspx to create a trust between tow forest. But after step 11 completed successfully, the error message appeared as shown below
So i need any help regarding this issue
-
All Replies
-
Sunday, November 18, 2012 2:39 PMCreation of trust fails: cannot continue.
http://setspn.blogspot.in/2010/10/creation-of-trust-fails-cannot-continue.html
Thanks -
Sunday, November 18, 2012 8:44 PM
Usually, this appears when both domains have one of the following conditions:
- The same DNS name
- The same NetBIOS name
- The same SID
Since your DNS name is not the same and I assume that your NetBIOS one too, I would suspect that both domains have the same SID. You can refer to that to get the domain SID: http://stackoverflow.com/questions/7023110/how-to-get-domain-sid-from-domain-dns-name
If this is the case then you will need to completely remove one of the domains and re-construct it from scratch. This is in order to get a different SID. Note also that there is no supported way to change the SID of an AD domain.
This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. -
Tuesday, November 20, 2012 11:14 AM
Also 2 Domains have Different SID ?! :(
.png)
