7 Replies Latest reply: Feb 25, 2010 3:08 PM by jradziszewski RSS

    Rollup two Cores on different Domains with no trust

    Apprentice

      I have two core servers that are on different domains. The doamins do not have any trust between them. I need to open induvidual ports in the firewalls on both ends in oreder to roll up the second core. The first core is on the same domain as the second core, and has already been rolled up. Does anyone have any idea what ports need to be open so I can acomplish the second core rollup?

      When the rollup server connects to the core when you add a new core, it reads the database information from the remote registry. What account does it use to do this, and is this a one time thing, or does it do it everytime that it rolls up the data?

        • 1. Re: Rollup two Cores on different Domains with no trust
          Johann Apprentice

          James,

           

          I have a similar issue in our enviroment.

          Two Core Server, one Rollup Core. First Core (in same domain as Rollup Core) did the rollup well. Second Core in another domain with not trust didn't succeed. Error message something like "NT authority failed...coulnd't access remote registry..."

          Our solution was logging in on the Rollup and creating a mapping to the c-drive of the Core Server in the different domain. Mapping went well with credentials from the other domain. After that I tried to add the second server to the Rollup Core again and was asked for credentials from the other domain. Entered them and it worked fine.

           

          Hope this helps you.

           

          Johann

          • 2. Re: Rollup two Cores on different Domains with no trust
            MarXtar SSMMVPGroup

            The advice above is good. As a note, the connection to read settings is a one time thing so you will be fine after the first time.

             

            Mark Star - MarXtar LANDesk Enhancements

            Home of Power State Notifier & Wake-On-WAN for LANDesk

            New Updated Power State Notifier Pro!

            • 3. Re: Rollup two Cores on different Domains with no trust
              Apprentice

              After months of cutting red tape, I now have a local admin account on the server that I am trying to rollup, which is not on the same domain as my rollup server.

              When I run the LANDesk Rollup Utility to add the off domain core, I receive the error "unable to connect to the registry on the core server 'server_name'. Verify your NT user can authenticate to the rollup core server."

              Which NT user is this?  I am loged into the rollup server with a local Admin account. I have created this same account on the off domain core server. I am able to see the shares (ldlogon, ect) that are on the core server that I am trying to roll up.

              Can anybody point me in the right direction?

              • 4. Re: Rollup two Cores on different Domains with no trust
                jradziszewski SupportEmployee

                Try issuing a "NET USE * \\[remoteserver]\c$" in a command prompt window before adding the source (remote) core in the rollup tool.

                • 5. Re: Rollup two Cores on different Domains with no trust
                  jradziszewski SupportEmployee

                  Also try opening the regsitry editor on the rollup core, and remotley connecting to the source / child core (File > Connect Network Registry) and reading HKLM\SOFTWARE\LANDesk\ManagementSuite\Core\Connections\Local.

                  • 6. Re: Rollup two Cores on different Domains with no trust
                    Apprentice

                    Thanks for the replys. I have tried issuing the NET USE command, but can't tell if it worked. I received the same error after I did it, so I don't think it worked.

                    As far as reading the remote servers registry, I can view the contents, but not sure what you mean by reading it. Is there a way that I can import this info into the rollup utility directly from the remote computers registry?

                     

                    Opening the regsitry editor on the rollup core, and remotley connecting to the source / child core (File > Connect Network Registry) and readingHKLM\SOFTWARE\LANDesk\ManagementSuite\Core\Connections\Local.

                    • 7. Re: Rollup two Cores on different Domains with no trust
                      jradziszewski SupportEmployee

                      If you run the NET USE command (e.g NET USE * \\server\c$) from a command prompt window (CMD.EXE) you should see the following message in the command prompt window.

                       

                      Drive X: is now connected to \\server\c$.

                       

                      The command completed successfully.

                       

                      If you are prompted for credentials, enter those and you should see the same message.