Hello, Company A acquired Company B:
A: Windows 2000 SP4 DC's and one Server 2003 SP1 DC B: Windows Server 2003 DC's A site to site IPSec VPN connection between the two sites was up and running months ago. Ping by name (and IP address) results are good. Today, we added a two-way external non-transitive trust between the two forests, first from domain A's 2003 DC and then domain B's 2003 DC. Subsequently, domain B shows up on Domain A member PC and is also available from various security (permissions) locations, however, you cannot enumerate domain B's AD from there. Here are some error messages: Event Type: Error Event Source: NETLOGON Event Category: None Event ID: 5719 Date: 24/04/2006 Time: 12:40:31 PM User: N/A Computer: NYDC2 Description: This computer was not able to set up a secure session with a domain controller in domain EXAMPLE due to the following: The remote procedure call failed and did not execute. This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain. I have looked at the following from Microsoft, but I am hesitant to proceed. Has anyone else seen this? Event ID 5719 - The system cannot log you on now because the domain "name" is not available." Symptoms: when attempting to logon a domain, you keep getting an error that "The system cannot log you on now because the domain "name" is not available." Also, Event viewer shows Event ID: 5719. No Windows NT or Windows 2000 Domain Controller is available for domain <domain name>. The following error occurred: There are currently no logon servers available to service the logon request. Resolutions: One possible cause of this error is that you have run out of buffer space in the NetBT datagram buffer. To resolve this problem, increase the MaxDgramBuffering value from 128 KB to 256 KB. Run Regedt32.exe, go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters. On the Edit menu, click Add Value, and then add the following information: Value Name: MaxDgramBuffering Data Type: REG_DWORD Value: 0x40000 Refer to 072704RL List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/