We have a 2008 native domain, non-R2.
For a project, in a remote data center, a 2008R2 DC was set up specifically to create a trust between a customer domain and ours.
We have VPN connectivity, wide open, to the colo (tested). Their server is 10.168.1.199 and their domain is ibts.int (2012).
The server they gave us is 10.168.1.200 and it's successfully been promoted as a full domain controller with GC. I've tested replication and replication seemed to work fine, but when I run dcdiag I get this. (2008)
Doing primary tests

   Testing server: Lantel\IBTS-EXTDC
      Starting test: Advertising
         Warning: DsGetDcName returned information for \\IBTS-DC.IBTS.int, when
         we were trying to reach IBTS-EXTDC.
         SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
         ......................... IBTS-EXTDC failed test Advertising
      Starting test: DFSREvent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared. Failing SYSVOL replication problems may cause
         Group Policy problems.
         ......................... IBTS-EXTDC failed test DFSREvent
      Starting test: NetLogons
         Unable to connect to the NETLOGON share! (\\IBTS-EXTDC\netlogon)
         [IBTS-EXTDC] An net use or LsaPolicy operation failed with error 67,
         The network name cannot be found..
         ......................... IBTS-EXTDC failed test NetLogons
Obviously these failures are a concern, but I don't know why they would happen. I ran the same test on my primary DC with no errors. The first one concerns me the most: "\IBTS-DC.IBTS.int" is their DC server name, so why would my server be returning information for that server with no trust up?
Anyway, moving on...
The VPN only allows their DC to talk to our one DC in the colo, but not the rest of my DCs, but I don't think that matters?
For DNS on my colo machine NIC, I used 10.168.1.200 as primary, and I've tried a few different things as secondary, but currently it's one of my other DCs in my home office.
They created their half of the outgoing trust to us, with a shared password, with no problem. When I create my side External trust incoming, I get the following error.
"The operation failed. This operation cannot be performed on the current domain."
and in the system log
"The Security System could not establish a secured connection with the server LDAP/IBTS-DC.IBTS.int/IBTS.int@IBTS.INT. No authentication protocol was available."
I'm researching this error but not finding anything specific enough.
Any help is greatly appreciated.