Kind ladies and gentlemen, I've searched high and low for a solution to this problem and have come up short to this point, I'm hoping someone here can help me out...
We're running Windows 2000/AD with a Windows 2000 RAS server in our parent domain, let's say DOMAIN.COM. Recently we've added a child domain for a company that we've acquired, let's call that CHILD.DOMAIN.COM... The RAS (VPN) server in DOMAIN.COM allows users to log into their DOMAIN.COM accounts without problem. Unfortunately, users in CHILD.DOMAIN.COM do not seem to be able to log in through the RAS server... When attempting to log on by specifying the Netbios style domain, CDOMAIN, in the Domain field in DUN ((from Windows 2000 or XP clients), the RAS server generates the following error: Event Type: Warning Event Source: RemoteAccess Event Category: None Event ID: 20189 Date: 6/19/2003 Time: 2:13:18 PM User: N/A Computer: RAS Description: The user CDOMAIN\user connected from xx.xx.xx.xx but failed an authentication attempt due to the following reason: The specified domain does not exist. When attempting to log in using the UPN style username ([EMAIL PROTECTED]) from the same Win2000 or XP client, I get this error: Event Type: Error Event Source: RemoteAccess Event Category: None Event ID: 20073 Date: 6/19/2003 Time: 2:13:56 PM User: N/A Computer: RAS Description: The following error occurred in the Point to Point Protocol module on port: VPN4-126, UserName: [EMAIL PROTECTED] The authentication server did not respond to authentication requests in a timely fashion. Data: 0000: a2 03 00 00 �... I have verified IP connectivity between the RAS server and a DC for the child domain. I also know that the RAS server can contact a GC, though I don't know if it really uses GC's to look up the proper user domains (is RAS really properly AD aware?)... I'm hoping I don't have to set up another RAS server just to service the accounts in the child domain. Anyone else ever try this who can offer some help? Thanks in advance! Joe Pochedley If you have time to do it twice, you had time to do it right in the first place. -------------------------------------------------------------------------- The WINNT-L list is hosted on a Windows NT(TM) machine running L-Soft international's LISTSERV(R) software. For subscription/signoff info and archives, see http://peach.ease.lsoft.com/archives/winnt-l.html . COPYRIGHT INFO: http://peach.ease.lsoft.com/scripts/wa.exe?SHOWTPL=COPYRIGHT&L=WINNT-L ------ You are subscribed as [EMAIL PROTECTED] Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=nt2000&text_mode=&lang=english To unsubscribe send a blank email to [EMAIL PROTECTED]
