ForensiT Homepage
Forum Home Forum Home > ForensiT Support > Domain Migration
  New Posts New Posts RSS Feed - Error 1355 with VPN
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

Error 1355 with VPN

 Post Reply Post Reply
Author
Message
nkingsbury View Drop Down
Newbie
Newbie


Joined: 09 Sep 2014
Status: Offline
Points: 4
Post Options Post Options   Thanks (0) Thanks(0)   Quote nkingsbury Quote  Post ReplyReply Direct Link To This Post Topic: Error 1355 with VPN
    Posted: 09 Sep 2014 at 1:58pm
Hello, I do not mean to steal this thread, just wanted to say that I am receiving the same error. I am trying to remotely join a user to a domain through a VPN connection that does have access to both new and old domain controller.

I am able to join to the domain manually (system properties > change computer/domain name )

LOG:
ForensiT User Profile Wizard v3.7.1190
Copyright (c) 2002-2013 ForensiT Ltd
www.ForensiT.com

Finding Domain Controller for domain NEW-DOMAIN... Done.
Using Domain Controller: \\NEW_DOMAIN-DC-1.
Connecting to Domain Controller... Done.
Getting Domain SID for user "nk4g87"... Done.
SID is S-1-5-21-1426190293-2581963236-2303502020-43384
Checking for roaming profile... Done.
No roaming profile path set.
Setting Registry ACLs... Done.
Set Registry ACLs in 0.920 seconds.
Setting Profile ACL... Done.
Set Profile ACL in 1.716 seconds.
Creating Profile registry keys... Done.
Joining to domain "NEW-DOMAIN" ... Fails.
Error 1355. The specified domain either does not exist or could not be contacted.
Migration Fails.
Back to Top
Support View Drop Down
Moderator Group
Moderator Group


Joined: 09 Nov 2006
Location: United Kingdom
Status: Offline
Points: 1844
Post Options Post Options   Thanks (0) Thanks(0)   Quote Support Quote  Post ReplyReply Direct Link To This Post Posted: 10 Sep 2014 at 7:52am
This is a VPN routing issue. Try specifying the domain name in FQDN format: so new-domain.com, instead of the "flat" NetBIOS name NEW-DOMAIN. (You might also have to specify LDAP as the <ProtocolPriority> in Profwiz.config.
Back to Top
nkingsbury View Drop Down
Newbie
Newbie


Joined: 09 Sep 2014
Status: Offline
Points: 4
Post Options Post Options   Thanks (0) Thanks(0)   Quote nkingsbury Quote  Post ReplyReply Direct Link To This Post Posted: 10 Sep 2014 at 1:45pm
Thanks for the response, that got things working ( I also had to add the NEW-DOMAIN DNS server into our firewalls VPN user group) Only thing that is not working now is the SID History mapping. I am not sure what is causing that to fail
Back to Top
nkingsbury View Drop Down
Newbie
Newbie


Joined: 09 Sep 2014
Status: Offline
Points: 4
Post Options Post Options   Thanks (0) Thanks(0)   Quote nkingsbury Quote  Post ReplyReply Direct Link To This Post Posted: 10 Sep 2014 at 1:53pm
Actually I spoke to soon. The migration seemed to complete, but now when I restarted that system and try to log in I get "The specified domain either does not exist or could not be contacted" I even get that message when trying to log into the local admin account.

UPDATE:
I restored the computer to its previous state and removed the setsIDHistory to False and ran profwiz again over VPN. It completed successfully but I still get the error "The specified domain either does not exist or could not be contacted"

I looked under system properties before rebooting and it showed the domain as new-domain.com, but when I try to log in and go to switch user, i should say "log on to:new-domain" it just says "Log on to:" as if it does not have a domain attached to it. Again, I can not log on any way even when physically connected to the LAN.

Thanks for any help.

Edited by nkingsbury - 10 Sep 2014 at 4:06pm
Back to Top
nkingsbury View Drop Down
Newbie
Newbie


Joined: 09 Sep 2014
Status: Offline
Points: 4
Post Options Post Options   Thanks (0) Thanks(0)   Quote nkingsbury Quote  Post ReplyReply Direct Link To This Post Posted: 11 Sep 2014 at 1:09pm
OK, I have gotten profwiz to successfully migrate the profile and join the proper domain. Now the last issue I am having is it is not changing the DNS suffix in the computer name so the full computer name will be:
computername.old-domain.com
domain: new-domain.com

This ends up causing a trust relationship issue with the DC. Is there a setting I am missing in the config that should be changing that?
Back to Top
Support View Drop Down
Moderator Group
Moderator Group


Joined: 09 Nov 2006
Location: United Kingdom
Status: Offline
Points: 1844
Post Options Post Options   Thanks (0) Thanks(0)   Quote Support Quote  Post ReplyReply Direct Link To This Post Posted: 12 Sep 2014 at 1:23am
We have seen this a number of times where customers set the workstation DNS suffix via a Group Policy: if the Group Policy is not reset for the new domain the error will occur. The DNS suffix should be set correctly by User Profile Wizard at the end of the migration; it may then be reset again by the (old, incorrect) Group Policy later.
Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down

Forum Software by Web Wiz Forums® version 12.03
Copyright ©2001-2019 Web Wiz Ltd.

This page was generated in 0.031 seconds.