Forest trusted agent installation error RRS feed

  • Question

  • All,

    Working through an issue with agent installation/protection on a forest trusted cross-domain deployment of DPM2016.




    Note, DomainA is not actually a subdomain (from an identity management perspective) of Domain.tld.  It is a standalone AD infrastructure.  We are currently transitioning to Disjoint.Domain.tld, which is a disjoint namespace sitting under Domain.tld.

    DomainA and Domain.tld share a naming convention, but do not share any infrastructure, to include identity management and DNS.  DomainA forwards all *.domain.tld (aside from *.domainA.domain.tld requests) to Domain.tld's DNS servers, however.

    Anyway, a forest trust is set up between Domain.tld and DomainA.Domain.tld.  Verified functionality, works fine within AD, NTFS permissions, etc.  When I'm on DPMSERVER.Disjoint.domain.tld however, I cannot add hostname.DomainA.domain.tld to the agent list, either with a remote installation of the agent or an attachment of an existing agent.  Either method results in the following error:

    Unable to connect to the Active Directory Domain Services database.

    Make sure that the DPM server is a member of a domain and that a domain controller is running.  Also verify that there is network connectivity between the DPM server and the domain controller.


    Details:  There is no such object on the server (0x80072030)

    I've verified that I can add agents from the same disjoint.domain.tld, name resolution is fine in every direction, no firewall blocks between DPMSERVER.disjoint.domain.tld and the domain controllers or the host being installed to, tried several hosts on DomainA to no avail.

    The only thing I can look to blame at this time is the disjoint namespace, as this DPM system is joined to domain.tld but its primary suffix is disjoint.domain.tld.  I feel like this would have more coverage if this was an unsupported scenario however.

    Thank you.

    Wednesday, July 26, 2017 4:27 PM