Hello Experts Here is the scenraio: SharePoint2007 is joined to Domain A (resource forest) Users are from Domain B (Account forest) We have a One Way Forest Trust between the Domains, where Domain A trusts Domain B. When configuring User Profile Import from Domain B, we get the below error message and the connection si not created. "An error occurred while validating or updating the directory service connection. No connection was added." Yes, we are giving the correct Domain name, using port 389, auto discovery of domain controller and using an account from Domain B for authentication. We referred this article though it didnt apply in our case - http://support.microsoft.com/kb/928622. Any thoughts why this is happening ? And question in mind is, do we need a trust in place for user profile import to work ? Please help. /T

Hi, Please refer http://social.technet.microsoft.com/Forums/en-US/sharepointadmin/thread/b8e639c5-859e-4e5c-83a5-880b71d9923f which says n order to set up the user import from external domain - the trust will have to be a 2-way trust at the time the import is configured. Once the import is configured you can drop the trust back to a one-way trust.Regards, Pratik Vyas | SharePoint Consultant | http://sharepointpratik.blogspot.com/

Hi THanks for the reply. We have another setup similar to this with the One way trust and the same user profile import feature works. 2-way trust is guess is NOT a requirement. /T

Hi, Please try the following steps to troubleshoot your issue: 1. check the following list of ports, make sure they have be opened on the firewall: 389 (UDP / TCP) for LDAP 135 (TCP) for RPC 139 (TCP) for communication, then the DCOM port (TCP) that is returned by the 139 request. 88 (TCP) for kerberos authentication *445 (TCP) (Directory services) 2. Have you set AAM for your SSP web application? If yes, make sure it configure properly. 3. Which account are you using for importing user profiles from the connection? Did the account have access to the target domain? I think this article can help you: http://technet.microsoft.com/en-us/library/cc263247(office.12).aspx Let me know the result. Xue-Mei Chang TechNet Subscriber Support in forum If you have any feedback on our support, please contact tngfb@microsoft.comXue-Mei Chang

Hi, Please try the following steps to troubleshoot your issue: 1. check the following list of ports, make sure they have be opened on the firewall: 389 (UDP / TCP) for LDAP 135 (TCP) for RPC 139 (TCP) for communication, then the DCOM port (TCP) that is returned by the 139 request. 88 (TCP) for kerberos authentication *445 (TCP) (Directory services) 2. Have you set AAM for your SSP web application? If yes, make sure it configure properly. 3. Which account are you using for importing user profiles from the connection? Did the account have access to the target domain? I think this article can help you: http://technet.microsoft.com/en-us/library/cc263247(office.12).aspx Let me know the result. Xue-Mei Chang TechNet Subscriber Support in forum If you have any feedback on our support, please contact tngfb@microsoft.comXue-Mei Chang