> Hi,
>
> i`ve a problem creating a external trust between two domains.
>
> 1st: Windows Server 2003 (Windows Server 2003 SP2)
> 2nd: Windows 200 native (Windows Server 2003 R2 SP2)
>
> DNS is configured with conditional dns and the dns resolution is not
> the problem i think.
>
> If i click finish to create the trust i got the error with "the
> specified user already exists"
>
> But i don`t know which user is  meant ?!
>
> There are no duplicatet user or computer accounts.
>
> How could i solve this problem?
>
> I`ve already read
>
> http://support.microsoft.com/?scid=kb%3Ben-us%3B295335&x=8&y=8
> http://support.microsoft.com/?scid=kb%3Ben-us%3B266633&x=12&y=10
>
> Thx and regards
> woisch

> Hi,
>
> i`ve a problem creating a external trust between two domains.
>
> 1st: Windows Server 2003 (Windows Server 2003 SP2) 2nd: Windows 200
> native (Windows Server 2003 R2 SP2)
>
> DNS is configured with conditional dns and the dns resolution is not
> the problem i think.
>
> If i click finish to create the trust i got the error with "the
> specified user already exists"
>
> But i don`t know which user is  meant ?!
>
> There are no duplicatet user or computer accounts.
>
> How could i solve this problem?
>
> I`ve already read
>
> http://support.microsoft.com/?scid=kb%3Ben-us%3B295335&x=8&y=8
> http://support.microsoft.com/?scid=kb%3Ben-us%3B266633&x=12&y=10
>
> Thx and regards
> woisch

"woisch" wrote:

> Hi,
>
> i`ve a problem creating a external trust between two domains.
>
> 1st: Windows Server 2003 (Windows Server 2003 SP2)
> 2nd: Windows 200 native (Windows Server 2003 R2 SP2)
>
> DNS is configured with conditional dns and the dns resolution is not the
> problem i think.
>
> If i click finish to create the trust i got the error with "the specified
> user already exists"
>
> But i don`t know which user is  meant ?!
>
> There are no duplicatet user or computer accounts.
>
> How could i solve this problem?
>
> I`ve already read
>
> http://support.microsoft.com/?scid=kb%3Ben-us%3B295335&x=8&y=8
> http://support.microsoft.com/?scid=kb%3Ben-us%3B266633&x=12&y=10
>
> Thx and regards
> woisch
>

"Milun Jevremovic" wrote:

> Hello,
>
> when trust is created, In AD 2 objects are created:
> - TDO (trusted domain object), which is usualy not creating problems
> - User object (in Users container), containing NETBIOS name of
> trusted/trusting domain with $ at the end. This user object is not visible in
> ADUC, but it is in ADSIEdit.
>
> Usualy when you get this error, on side where you are getting it you already
> have object with identical username. Since we have $ at end, that is probably
> COMPUTER object, although we possibly have earlier, not properly removed
> trust with the same domain.
>
> Regards,
>
> Milun
>
> "woisch" wrote:
>
> > Hi,
> >
> > i`ve a problem creating a external trust between two domains.
> >
> > 1st: Windows Server 2003 (Windows Server 2003 SP2)
> > 2nd: Windows 200 native (Windows Server 2003 R2 SP2)
> >
> > DNS is configured with conditional dns and the dns resolution is not the
> > problem i think.
> >
> > If i click finish to create the trust i got the error with "the specified
> > user already exists"
> >
> > But i don`t know which user is  meant ?!
> >
> > There are no duplicatet user or computer accounts.
> >
> > How could i solve this problem?
> >
> > I`ve already read
> >
> > http://support.microsoft.com/?scid=kb%3Ben-us%3B295335&x=8&y=8
> > http://support.microsoft.com/?scid=kb%3Ben-us%3B266633&x=12&y=10
> >
> > Thx and regards
> > woisch
> >

"woisch" wrote:

> Okay, i`ve now tried in a virtual environment to create a trust. I tried it
> on two fresh domains and it works.
>
> I removed the trust once more.
>
> Then i created a computer account on both domains with the same name and
> additional a user account witth same name on both domains.
>
> I created the trust again and it works?! Why ??
>
> In the real domain we used also wins server and i checked them. No
> duplicated items.
>
> That`s strange.....
>
> @ Milun Jevremovic
> I`ve a look at both domains in adsiedit and checked the CN=Users vor a
> account with $ . No account found.
>
> I`ve also checked the Active Directory Container "System" for a folder with
> the type "trust" ..... but nothing.
>
> If i make a:
>
> DSQUERY COMPUTER -SAMID <DOMAIN-NAME>$
> DSQUERY COMPUTER -NAME <DOMAIN-NAME>
>
> i got an empty line on the command line....
>
> The other strange thing is:
>
> domain a: unlimitedttest.co.uk (not the real name)
> domain b: heaventest.com (not the real name)
>
> If i created a trust from unlimitedtest.co.uk:
>
> 1. External Trust
> 2. Two-Way
> 3. This domain only (not both this domain and the specified domain)
> 4. Domain-wide authentication
> 5. Trust password
>
> the trust works from this side. If i configure it from the other side, it
> didnt work....
>
> And if i creat the trust from unlimitedtest.co.uk WITH "Both this domain and
> the specified domain" i got the same error with the specified user.
>
> I`m a little bit confused now. ;) Is the failure on the "heaventest.com"
> domain? Because from the other domain i can create a trust....
>
> Hope for help ;)
>
> Thx
> Woisch
>
> "Milun Jevremovic" wrote:
>
> > Hello,
> >
> > when trust is created, In AD 2 objects are created:
> > - TDO (trusted domain object), which is usualy not creating problems
> > - User object (in Users container), containing NETBIOS name of
> > trusted/trusting domain with $ at the end. This user object is not visible in
> > ADUC, but it is in ADSIEdit.
> >
> > Usualy when you get this error, on side where you are getting it you already
> > have object with identical username. Since we have $ at end, that is probably
> > COMPUTER object, although we possibly have earlier, not properly removed
> > trust with the same domain.
> >
> > Regards,
> >
> > Milun
> >
> > "woisch" wrote:
> >
> > > Hi,
> > >
> > > i`ve a problem creating a external trust between two domains.
> > >
> > > 1st: Windows Server 2003 (Windows Server 2003 SP2)
> > > 2nd: Windows 200 native (Windows Server 2003 R2 SP2)
> > >
> > > DNS is configured with conditional dns and the dns resolution is not the
> > > problem i think.
> > >
> > > If i click finish to create the trust i got the error with "the specified
> > > user already exists"
> > >
> > > But i don`t know which user is  meant ?!
> > >
> > > There are no duplicatet user or computer accounts.
> > >
> > > How could i solve this problem?
> > >
> > > I`ve already read
> > >
> > > http://support.microsoft.com/?scid=kb%3Ben-us%3B295335&x=8&y=8
> > > http://support.microsoft.com/?scid=kb%3Ben-us%3B266633&x=12&y=10
> > >
> > > Thx and regards
> > > woisch
> > >

"Milun Jevremovic" wrote:

> Definitelly sounds like problem on second domain.
>
> Let say that NETBIOS names of your domains are UNLIMITED and HEAVEN
>
> So, on heaventest.com you are sure that you do not have user account named
> unlimited or computer account UNLIMITED, as well you do not have UNLIMITED$
> in Users container (leftover of previous trust). It is not problem to have
> HEAVEN computer on HEAVEN domain, but name of oposite domain.
>
> PLease check Lost and Found container via ADSIEDIT or LDP, as well Deleted
> Object (via LDP, after enabling Control option to return deleted objects),
> for any of those options.
>
> Only other option I see at present moment is:
> - as somebody mentioned, your UNLIMITED NETBIOS domain name is "protected"
> name which cannot be used in trusts (like INTERNET, DOMAIN, SYSTEM, not sure
> what others are). Usualy they were created in NT time where no protection was
> set and upgraded to 2000/2003 without renaming
>
> Milun
>
> "woisch" wrote:
>
> > Okay, i`ve now tried in a virtual environment to create a trust. I tried it
> > on two fresh domains and it works.
> >
> > I removed the trust once more.
> >
> > Then i created a computer account on both domains with the same name and
> > additional a user account witth same name on both domains.
> >
> > I created the trust again and it works?! Why ??
> >
> > In the real domain we used also wins server and i checked them. No
> > duplicated items.
> >
> > That`s strange.....
> >
> > @ Milun Jevremovic
> > I`ve a look at both domains in adsiedit and checked the CN=Users vor a
> > account with $ . No account found.
> >
> > I`ve also checked the Active Directory Container "System" for a folder with
> > the type "trust" ..... but nothing.
> >
> > If i make a:
> >
> > DSQUERY COMPUTER -SAMID <DOMAIN-NAME>$
> > DSQUERY COMPUTER -NAME <DOMAIN-NAME>
> >
> > i got an empty line on the command line....
> >
> > The other strange thing is:
> >
> > domain a: unlimitedttest.co.uk (not the real name)
> > domain b: heaventest.com (not the real name)
> >
> > If i created a trust from unlimitedtest.co.uk:
> >
> > 1. External Trust
> > 2. Two-Way
> > 3. This domain only (not both this domain and the specified domain)
> > 4. Domain-wide authentication
> > 5. Trust password
> >
> > the trust works from this side. If i configure it from the other side, it
> > didnt work....
> >
> > And if i creat the trust from unlimitedtest.co.uk WITH "Both this domain and
> > the specified domain" i got the same error with the specified user.
> >
> > I`m a little bit confused now. ;) Is the failure on the "heaventest.com"
> > domain? Because from the other domain i can create a trust....
> >
> > Hope for help ;)
> >
> > Thx
> > Woisch
> >
> > "Milun Jevremovic" wrote:
> >
> > > Hello,
> > >
> > > when trust is created, In AD 2 objects are created:
> > > - TDO (trusted domain object), which is usualy not creating problems
> > > - User object (in Users container), containing NETBIOS name of
> > > trusted/trusting domain with $ at the end. This user object is not visible in
> > > ADUC, but it is in ADSIEdit.
> > >
> > > Usualy when you get this error, on side where you are getting it you already
> > > have object with identical username. Since we have $ at end, that is probably
> > > COMPUTER object, although we possibly have earlier, not properly removed
> > > trust with the same domain.
> > >
> > > Regards,
> > >
> > > Milun
> > >
> > > "woisch" wrote:
> > >
> > > > Hi,
> > > >
> > > > i`ve a problem creating a external trust between two domains.
> > > >
> > > > 1st: Windows Server 2003 (Windows Server 2003 SP2)
> > > > 2nd: Windows 200 native (Windows Server 2003 R2 SP2)
> > > >
> > > > DNS is configured with conditional dns and the dns resolution is not the
> > > > problem i think.
> > > >
> > > > If i click finish to create the trust i got the error with "the specified
> > > > user already exists"
> > > >
> > > > But i don`t know which user is  meant ?!
> > > >
> > > > There are no duplicatet user or computer accounts.
> > > >
> > > > How could i solve this problem?
> > > >
> > > > I`ve already read
> > > >
> > > > http://support.microsoft.com/?scid=kb%3Ben-us%3B295335&x=8&y=8
> > > > http://support.microsoft.com/?scid=kb%3Ben-us%3B266633&x=12&y=10
> > > >
> > > > Thx and regards
> > > > woisch
> > > >