Forum Discussion

Demz's avatar
Demz
Level 4
10 years ago

Unable to establish trust with domain controller

I have a problem with single virtual machine (domain controller). I cannot establish a trust with this VM. Trust works with all other VM's in this same Active Directory domain (they are not DC's).

I get this error when trying to establish a trust from BE 2014

2015-03-03 21_51_08.png

I have a dedicated service account for Backup Exec in AD. This account is member of domain admins and backup operators.

I use Backup Exec 2014 with all the latest available updates. Backup Exec sits on a physical Hyper-V host that is not member of this domain.

 

2014
Backing Up
Backup and Recovery
Backup Exec
Error messages
Not Applicable
Troubleshooting

7 Replies

Sort By
  • Colin_Weaver's avatar
    Colin_Weaver
    Moderator
    10 years ago

    Can you telnet on port 6101 from the DC back to the media server (media server listens on 6101, so run telnet on the DC to test this)

     

    If you can't you will need to fix this first and may have either a firewall, routing or DNS issue

  • Demz's avatar
    Demz
    Level 4
    10 years ago

    I tested and the port is open (as it should). There are no DNS or routing issues.

  • VJware's avatar
    VJware
    Level 6
    10 years ago

    Was the remote agent push installed or manually installed to this VM ? (Push installing automatically establishes trust).

    Does the BE account have the rights (specifically logon as a batch job) as mentioned in this KB for the DC - http://www.symantec.com/business/support/index?page=content&id=TECH23689

     

     

  • Demz's avatar
    Demz
    Level 4
    10 years ago

    I have used push install always. 

    Account that BE is using is a member of Domain Admins and Backup Operators group. I have understand that these should be enough?

    Establishing a trust succeeds with all the other VM's in same Active Directory domain with these same credentilas. Domain Controller VM is the only one that fails.

    Backup jobs run fine on this problematic machine. Should I even care about the trust failure?

     

     

  • VJware's avatar
    VJware
    Level 6
    10 years ago

    I have experienced this as well on my test machines i.e. the backup runs fine but manually establishing trust relationship fails. It's possibly a red herring and SGMon debugging could help in identifying the cause.


     

  • Juppeck's avatar
    Juppeck
    10 years ago

    Well, i god the similar issue at installation process of an BE2015 Agent for Windows on a Windows Server 2012R2 Domain controller.
    The main problem seems to be in accound access rights thats expect as an local user account for the BE agent. On a DC, local accunts are not available and the given domain admin account will not works succesfully, yet.

    I coul'nt find special installation information about the differents in installation process between a normal file server and an Domain controller installation.

    Could anyone lightenup the nebular environment aroud the installation of the BE Ageant on a WinServer 2012R2 Domain controller ?

     

    Thanks a lot in advaned Juppeck

  • nposistemi's avatar
    nposistemi
    10 years ago

    Hello,

     

    I had the same problem and solved using the administrator user of the domain.

    You have to use the domain adminstrator account or an account with the same permission.

    the simple user in the "domain admins" group doesn't work

    check wich permission has the domain admnistrator user of your domain

     

    bye