none
Trust Validation across Domains RRS feed

  • Question

  • Hello, 

    I have two domains, a.com and b.com. 

    b.com is dialing in via a VPN connection to connect to a.com's Routing and Remote access server. 
    The VPN connection is successful. The trust was initially created and was in place. Now, when I try to validate the trust it shows a message

    "The Local Security Authority is unable to obtain an RPC connection to the active directory domain controller computer.b.com.
    Please check that name can be resolved and that the server is available."

    Now few things to mention here:

    1. 1. I can ping by IP address, but not by the domain name.
    2. In DNS forwarders tab, the IP is resolved as computer name but not domain name.
    3. I can remote access the computer using the IP address of that server. 
    4. From b.com, the outgoing trust is validated but incoming trust fails with the below mentioned message:

    "The secure channel (SC) reset on Active Directory Domain Controller \\COMPUTER.A.COM of domain A.COM to domain b.com failed with error: The RPC server is unavailable."

    OS: Windows Server 2008 R2 - 64bit

    Any help please??

    Tuesday, January 31, 2017 8:41 PM

Answers

  • Hi Klub,

    Please check RPC service function properly.

    And please run nslookup command to check if FQDN could be resolved by DNS server.

    Please run dcdiag /test:dns to check if DNS server on DC function properly.

    >>In DNS forwarders tab, the IP is resolved as computer name but not domain name.

    Please catch the traffic of DNS server to check if VPN client has sent query request to remote DNS server.

    And here is information about RPC server is unavailable error for your reference:

    Domain Controller Issues

    https://technet.microsoft.com/en-us/library/cc961811.aspx

    Best Regards

    John


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    • Edited by John Lii Wednesday, February 1, 2017 7:59 AM
    • Proposed as answer by John Lii Monday, February 27, 2017 9:15 AM
    • Marked as answer by klub21 Tuesday, March 7, 2017 12:00 PM
    Wednesday, February 1, 2017 7:58 AM

All replies

  • Hi Klub,

    Please check RPC service function properly.

    And please run nslookup command to check if FQDN could be resolved by DNS server.

    Please run dcdiag /test:dns to check if DNS server on DC function properly.

    >>In DNS forwarders tab, the IP is resolved as computer name but not domain name.

    Please catch the traffic of DNS server to check if VPN client has sent query request to remote DNS server.

    And here is information about RPC server is unavailable error for your reference:

    Domain Controller Issues

    https://technet.microsoft.com/en-us/library/cc961811.aspx

    Best Regards

    John


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    • Edited by John Lii Wednesday, February 1, 2017 7:59 AM
    • Proposed as answer by John Lii Monday, February 27, 2017 9:15 AM
    • Marked as answer by klub21 Tuesday, March 7, 2017 12:00 PM
    Wednesday, February 1, 2017 7:58 AM
  • Thanks a lot John. 

    Really appreciate the help. I will be checking these setting and will update the thread accordingly.

    Best Regard
    KLUB

    Thursday, February 2, 2017 11:42 PM
  • Hi Klub,

    Thanks for your effort, If there is anything we can do for you, please feel free to post in the forum.

    Best Regards

    John


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, February 3, 2017 2:28 AM
  • Hi Klub,

    Just checking in to see if the information provided was helpful. Please let us know if you would like further assistance.

    Best Regards,

    John


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, February 27, 2017 9:15 AM
  • Hi John,

    Apologies for the delayed response. 
    The issue at my side was due to the RPC service. Really appreciate for your support. 

    Best Regards
    KLUB

    Tuesday, March 7, 2017 12:03 PM
  • Hi Klub,

    You are welcome.

    Glad to hear that your issue is successfully resolved.

    Best Regards

    John


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, March 8, 2017 1:58 AM