I am also facing the same type of error when trying to validate the trust.
RPC error while Trust validation
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 80%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMA%3C/text%3E%3C/svg%3E)
Mohammed Anees
6
Reputation points
Hi Team,
We are facing a issue in our environment where we have established 2 way trust.
There are 2 domains for example: AA & BB
There is 2 way trust established between them.
We have a DB Server in AA domain and is talking to DC: AZSUA.AA(It is an Azure Server) as seen through Set Logon.
When we connect to Domain controller : AZSUA.AA and validate Trust relationship with BB domain we are getting error as
"The Local Security Authority is unable to obtain an RPC connection to the Active Directory Domain controller AZSUB.BB(It is an Azure server). Please check that the name can be resolved and that the server is available"
We confirmed that from DB Server or DC:AZSUA.AA, we are able to ping and telnet port 53, 88 for AZSUB.BB.
Also from BB domain we are able to establish the Trust with AA domain.
Please let us know if any other things to be checked.
Windows for business | Windows Client for IT Pros | Directory services | Active Directory
{count} vote
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous2020-08-06T05:16:20.63+00:00 Hi
How are things going on your end? Please keep me posted on this issue.
If you have any further questions or concerns about this question, please let us know.
I appreciate your time and efforts.Best Regards,
Daisy Zhou -
Anonymous
2020-08-10T07:06:49.837+00:00 Hi,
I am just writing to see if this question has any update. If anything is unclear, please feel free to let us know.
Thanks for your time and have a nice day!Best Regards,
Daisy Zhou
Sign in to comment
3 answers
Sort by: Most helpful
-
-
Anonymous
2020-08-03T02:32:44.173+00:00 Hello MohammedAnees-9236,
Thank you for posting here.
1.We can validate the trust relationship between AA and BB.
For example, on one DC in AA, open Active Directory Domains and Trusts.
right click the domain name\Properties\Trusts tab\select BB domain\Properties\Validate\type the domain administrator credentials and click OK. If we receive the message "The trust has been validates. It is in place and active", it means the forest/domain trust is OK.
2.And perform the same steps on DC in BB.
3.If we can not validate trust relationship between AA and BB, we should reset up trust between AA and BB.
4.Before establishing forest/domain trust, we need to set up conditional forwarders OR secondary zone. We can set up conditional forwarders OR secondary zone based on the steps in the following similar cases.
setup of trust relationship between 2 domains
https://social.technet.microsoft.com/Forums/windowsserver/en-US/9e501d72-5457-421a-b81b-3a1f83ac7b0e/setup-of-trust-relationship-between-2-domains?forum=winservergen5.Then we can refer to the link below to create forest/domain trust.
http://technet.microsoft.com/en-us/library/cc780479(WS.10).aspx
http://technet.microsoft.com/en-us/library/cc740018(WS.10).aspx6.Meanwhile, ensure all the AD required ports are open.
Active Directory and Active Directory Domain Services Port Requirements
https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd772723(v=ws.10)?redirectedfrom=MSDNActive Directory Replication over Firewalls
https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-server/bb727063(v=technet.10)?redirectedfrom=MSDNIf anything is unclear, please feel free to let us know.
Best Regards,
Daisy Zhou -
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 52%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMD%3C/text%3E%3C/svg%3E)
Manas Dash 26 Reputation points2021-06-11T13:50:05.633+00:00 Also unable to share a folder from one domain to another domain
