Share via

RPC error while Trust validation

Mohammed Anees 1 Reputation point
2020-07-31T18:08:58.263+00:00

Hi Team,

We are facing a issue in our environment where we have established 2 way trust.
There are 2 domains for example: AA & BB
There is 2 way trust established between them.
We have a DB Server in AA domain and is talking to DC: AZSUA.AA(It is an Azure Server) as seen through Set Logon.
When we connect to Domain controller : AZSUA.AA and validate Trust relationship with BB domain we are getting error as
"The Local Security Authority is unable to obtain an RPC connection to the Active Directory Domain controller AZSUB.BB(It is an Azure server). Please check that the name can be resolved and that the server is available"

We confirmed that from DB Server or DC:AZSUA.AA, we are able to ping and telnet port 53, 88 for AZSUB.BB.

Also from BB domain we are able to establish the Trust with AA domain.

Please let us know if any other things to be checked.

Windows for business Windows Client for IT Pros Directory services Active Directory

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2020-08-03T02:32:44.173+00:00

    Hello MohammedAnees-9236,

    Thank you for posting here.

    1.We can validate the trust relationship between AA and BB.

    For example, on one DC in AA, open Active Directory Domains and Trusts.
    right click the domain name\Properties\Trusts tab\select BB domain\Properties\Validate\type the domain administrator credentials and click OK. If we receive the message "The trust has been validates. It is in place and active", it means the forest/domain trust is OK.
    15104-trust1.png

    2.And perform the same steps on DC in BB.

    3.If we can not validate trust relationship between AA and BB, we should reset up trust between AA and BB.

    4.Before establishing forest/domain trust, we need to set up conditional forwarders OR secondary zone. We can set up conditional forwarders OR secondary zone based on the steps in the following similar cases.

    setup of trust relationship between 2 domains
    https://social.technet.microsoft.com/Forums/windowsserver/en-US/9e501d72-5457-421a-b81b-3a1f83ac7b0e/setup-of-trust-relationship-between-2-domains?forum=winservergen

    5.Then we can refer to the link below to create forest/domain trust.
    http://technet.microsoft.com/en-us/library/cc780479(WS.10).aspx
    http://technet.microsoft.com/en-us/library/cc740018(WS.10).aspx

    6.Meanwhile, ensure all the AD required ports are open.
    Active Directory and Active Directory Domain Services Port Requirements
    https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd772723(v=ws.10)?redirectedfrom=MSDN

    Active Directory Replication over Firewalls
    https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-server/bb727063(v=technet.10)?redirectedfrom=MSDN

    If anything is unclear, please feel free to let us know.

    Best Regards,
    Daisy Zhou

    0 comments
  2. Manas Dash 21 Reputation points
    2021-06-11T13:19:08.14+00:00

    104853-error.png

    I am also facing the same type of error when trying to validate the trust.

    0 comments
  3. Manas Dash 21 Reputation points
    2021-06-11T13:50:05.633+00:00

    Also unable to share a folder from one domain to another domain104855-error.png

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.