Russ, Missed the fact that it was a nt4 trust. Only option is to recreate the trust to reset trust.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rimmerman, Russ Sent: Wednesday, April 21, 2004 5:18 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Trust issue When attempting the /reset, I got "Cannot reset the trust passwords; both domains must be Windows 2000 domains." Which is correct - the trust is NT4-Win2k. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of E Brown Sent: Wednesday, April 21, 2004 1:48 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Trust issue Russ, For grins can you use your admin credentials for both sides to verify? If this still fails, a /reset will get the trust stable again. If this problem continue to happen, you can you trustmon if you are pre-W2k3. There is a WMI provider built into W2k3. Let me know the results. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rimmerman, Russ Sent: Tuesday, April 20, 2004 4:41 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Trust issue C:\>netdom trust wh1 /domain:ccc.ourcompany.com /verify /verbose Establishing a session with \\WHPDC01 Reading LSA domain policy information Establishing a session with \\cambindc01.ccc.ourcompany.com Reading LSA domain policy information Verifying the trust between trusting domain wh1 and trusted domain ccc.coopcam.com Verifying the trust between trusting domain ccc.ourcompany.com and trusted domain wh1 The secure channel query on domain controller \\cambindc01.ccc.ourcompany.com for t rusting domain WH1 failed with the following error: Access is denied. The attempt to contact the NetLogon service on domain controller \\cambindc01.cc c.ourcompany.com for a secure channel reset of trusting domain WH1 failed with the following error: Access is denied. Deleting the session with \\cambindc01.ccc.coopcam.com Deleting the session with \\WHPDC01 The command completed successfully. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of E Brown Sent: Monday, April 19, 2004 9:08 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Trust issue Russ, Do you test this with nltest or netdom? Can you run the test with netdom and add the /verbose switch on the end? Paste the output will show failure reason. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rimmerman, Russ Sent: Monday, April 19, 2004 4:34 PM To: '[EMAIL PROTECTED]' Subject: [ActiveDir] Trust issue We have a trust between our old NT4 domain and our new AD domain. One of our sites that has an AD domain controller at it is having issues. When I login to that sites domain controller and try to verify the trust, I get: The secure channel (SC) query on domain controller \\cambindc01.abc.ourdomain.com of domain abc.ourdomain.com to domain WH1 failed with error: Access is denied. An SC reset will be attempted. The trust verifys fine when trying to verify on any other domain controller, it's just this one DC that it fails on. Any suggestions where to begin? Thanks ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This e-mail is confidential, may contain proprietary information of the Cooper Cameron Corporation and its operating Divisions and may be confidential or privileged. This e-mail should be read, copied, disseminated and/or used only by the addressee. If you have received this message in error please delete it, together with any attachments, from your system. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This e-mail is confidential, may contain proprietary information of the Cooper Cameron Corporation and its operating Divisions and may be confidential or privileged. This e-mail should be read, copied, disseminated and/or used only by the addressee. If you have received this message in error please delete it, together with any attachments, from your system. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This e-mail is confidential, may contain proprietary information of the Cooper Cameron Corporation and its operating Divisions and may be confidential or privileged. This e-mail should be read, copied, disseminated and/or used only by the addressee. If you have received this message in error please delete it, together with any attachments, from your system. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
