Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Thursday, May 19, 2016 8:15 PM
I am trying to publish to a trusted domain. The schema has been extended in the target domain, the system management container has been created and the default system account of the primary site server has been granted full control on the container.
sitecomp.log:
Processing forest <redacted>
No publishing account defined for this forest, will use the machine account instead.
Could not connect to the RootDSE container in Active Directory. HRESULT=8007203B
Any assistance would be appreciated. I can resolve the target domain name from the site server.
All replies (7)
Saturday, May 21, 2016 2:33 AM âś…Answered | 2 votes
Are the SRV DNS records for the domain controllers in this untrusted domain resolvable from the site server?
Jason | http://blog.configmgrftw.com | @jasonsandys
Friday, May 20, 2016 1:51 AM
Dear Sir,
Do you use site server computer account or a specific account? From the log, there should be no specific account specified. You can check this by going to Administration - Overview - Hierarchy Configuration - Active Directory Forests, right click forest, click Properties.
Make sure the permission is set as below for site server computer account:
https://technet.microsoft.com/en-us/library/gg712264.aspx#BKMK_SetSMContainer
You can try to use a specific account instead, make sure the account has proper permission.
Best regards
Frank
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]
Friday, May 20, 2016 3:22 AM
Hi Frank,
Thank you for your reply, I am using the site server computer account as specified per the instructions. The site server computer account has full control and descending objects. The verified account has the proper permissions. Please advise.
Friday, May 20, 2016 12:11 PM
Have you validated that a domain controller from that forest is resolvable and reachable from the site server?
Also, in your post, you said "trusted domain". Do you actually mean a trusted domain in an alternate forest?
Jason | http://blog.configmgrftw.com | @jasonsandys
Friday, May 20, 2016 1:37 PM
A domain controller is resolvable and reachable from the site server. The trusted domain is in an alternate forest.
Sunday, May 22, 2016 4:27 PM
Jason, no they are not. That appears to be the missing piece thank you.
Wednesday, May 25, 2016 1:39 AM
Dear Sir,
Did Jason's idea help to solve your issue at last? If so, please mark it as answer so that it's clear for others who get the same issue.
Thanks in advance:).
Best regards
Frank
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]