2 Way Trust

Name: tommypa
Date: October 15, 2009 at 07:23:07 Pacific
OS: Windows Server 2003
Product: Microsoft Windows server 2003
Subcategory: Configurations
Comment:

Good morning, I recently just installed a point to point connection to join my two networks together. I have two separate domains on the point to point. Each domain has two domain controllers. I can't seem to get the trust relationship to take. When I go to my domain controller I open the "new trust wizard" and when I add the other domain "domain2.local" I receive a message saying "Cannot Continue - The New Trust Wizard cannot continue because the specified domain cannot be contacted." I am unsure what I'm doing wrong. Can anyone assist? Thank you, Tommy



Response Number 1
Name: Phatsta
Date: October 15, 2009 at 07:51:39 Pacific
Reply:

Actually it's late afternoon over here but welcome anyways ;)

I know you chose 'domain2.local' as an example, but if you're actually using a .local extension the domain can't be contacted since it's not registered with any DNS. I would recommend using the hosts-file to tell your two DCs where the domain1.local and domain2.local really are, i.e. the IP or DDNS to it. That should be enough.


0

Response Number 2
Name: tommypa
Date: October 15, 2009 at 08:11:21 Pacific
Reply:

Can you explain further? I don't quite understand what I need to do.


0

Response Number 3
Name: wanderer
Date: October 15, 2009 at 09:03:10 Pacific
Reply:

tommypa, to create domain to domain trusts they need to be in the same forest.

I suspect this is not the case since these have been separate sites.

In which case you have two different forests [hopefully not the same name or you have larger issues.]

http://technet.microsoft.com/en-us/...

BTW you can't think in terms of domain trusts like in NT days. It is all about forests now.


0

Response Number 4
Name: Phatsta
Date: October 16, 2009 at 09:45:23 Pacific
Reply:

I'll try and explain better...

What's your actual domain name? I'm sure it's not domain1.local. Let's say for example that you have tommypa.local, then you have a local domain that isn't registered with any DNS server, but if you have tommypa.com then chances are you have your domain registered with an external DNS server, which means that if anyone outside of your network would type 'ping tommypa.com' in the command prompt, they would get a reply from your domain controller.

In other words, I don't think your two DCs can find each other, because they are looking for a domain that's non-existing (i.e. it exists locally in the LAN but not on the WAN).

A quick fix, if this is your problem, would be to edit the hosts-file on the first DC (domain1.local). The file is located in C:\WINDOWS\system32\drivers\etc. Open it with notepad and type this (assuming the IP of DC2 is 192.168.20.1):

192.168.20.1 domain2.local

And on the second DC (domain2.local) type this (assuming the IP of DC1 is 192.168.10.1):

192.168.10.1 domain1.local

Since the hosts-file has priority over the DNS records, it will tell your servers to go to 192.168.10.1 / 192.168.20.1 to find the domains. You could call it hard-coding of DNS records.

If it doesn't work you can just edit the hosts-files again and remove the input. No harm done.


0

Response Number 5
Name: wanderer
Date: October 16, 2009 at 10:49:07 Pacific
Reply:

Phatsta, what does what you write have to do with setting up trusts?
There is no mention in tommypa's post that this has anything to do with a public domain name which also does not relate to setting up trusts.


0

Response Number 6
Name: scurlaruntings
Date: October 16, 2009 at 12:28:52 Pacific
Reply:

I take it you have the necessary ports open on the firewall(s)?

http://windowsitpro.com/article/art...

We can presume because you have 2 different DCs that they are in different root forests on different subnets. If that is the case they will be separated by firewalls of which you will need to open the necessary ports in order for them to communicate.


0

Response Number 7
Name: wanderer
Date: October 16, 2009 at 15:09:56 Pacific
Reply:

"I have two separate domains on the
point to point."

point to point = no firewalls


0

Response Number 8
Name: scurlaruntings
Date: October 17, 2009 at 03:29:58 Pacific
Reply:

I'm a network engineer. Never heard of that terminology in that context. Either way both those domains will be separated by a router. It's very much plausible that those routers are integrated and have firewall capabilities as do most layer 3 devices. Additionally if the "domain cannot be contacted" that will be either because a route doesn't exist to the other network or there are ports being blocked that aren't allowing the two to communicate.


0

Response Number 9
Name: wanderer
Date: October 18, 2009 at 09:50:36 Pacific
Reply:

I have multiple points to points. You don't need firewalls on them just routers. This is your internal network.

I believe the error message is about trying to connect to another domain in another forest across the wan link when in fact the operation is taking place in the local forest and the other domain does not exist in this forest.

Key phrase here to me is "join my two networks
together. I have two separate domains"

There are two DCs at each site according to the OP. The networks are joined physically thru the ptp. What we don't have is forest to forest trusts which allow two way communication or an external trust for domain to domain trust.

Another issue is whether the sites' DNS servers are forwarding to each other, as listed in the checklist.
http://technet.microsoft.com/en-us/...

Big unanswered question is whether these two forests were set up with the same namespaces.


0
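
An added example, not part of any poster's reply: a PowerShell check to run on a DC in domain1.local that tests the two causes raised in this thread, DNS resolution of the other domain (Responses 4 and 9) and reachable ports (Responses 6 and 8). The domain name and IP are the thread's example values; the SRV names and port list are the standard Active Directory ones rather than anything from the thread's truncated links, and the script assumes PowerShell 2.0, that DC2 also runs DNS, and that nltest is installed from the Server 2003 Support Tools.

```powershell
# Added example (not from the thread). Run on a DC in domain1.local.
# Domain and IP are the thread's example values; DC2 is assumed to run DNS.
param(
    [string]$RemoteDomain    = 'domain2.local',
    [string]$RemoteDnsServer = '192.168.20.1'
)

function Test-TcpPort([string]$HostName, [int]$Port, [int]$TimeoutMs = 3000) {
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($HostName, $Port, $null, $null)
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return $false }
        $client.EndConnect($pending)
        return $true
    } catch { return $false } finally { $client.Close() }
}

function Test-SrvRecord([string]$Name, [string]$Server) {
    # Without $Server, nslookup uses this machine's configured DNS server.
    $nsArgs = @('-type=SRV', $Name)
    if ($Server) { $nsArgs += $Server }
    $text = & nslookup.exe $nsArgs 2>&1 | Out-String
    return ($text -match 'svr hostname')
}

# SRV records the DC locator queries; only DNS can answer these
# (a hosts file entry covers name-to-IP lookups only).
$srvNames = "_ldap._tcp.dc._msdcs.$RemoteDomain",
            "_ldap._tcp.pdc._msdcs.$RemoteDomain",
            "_kerberos._tcp.$RemoteDomain"
foreach ($name in $srvNames) {
    $local  = Test-SrvRecord $name
    $direct = Test-SrvRecord $name $RemoteDnsServer
    # local=False with direct=True means the record exists, but this DC's DNS
    # has no forwarder or secondary zone for the other domain.
    "{0,-40} local DNS: {1,-5} asked {2}: {3}" -f $name, $local, $RemoteDnsServer, $direct
}

# TCP ports used between DCs: DNS, Kerberos, RPC endpoint mapper, LDAP, SMB
foreach ($port in 53, 88, 135, 389, 445) {
    "TCP {0,-4} to {1}: {2}" -f $port, $RemoteDnsServer, (Test-TcpPort $RemoteDnsServer $port)
}

# End-to-end locator test: succeeds only if a DC for the domain can be found.
& nltest.exe "/dsgetdc:$RemoteDomain"
```

Run it in both directions, swapping in domain1.local and 192.168.10.1 on the second DC, since a two-way trust needs each side to locate the other.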
