I have a VM MOSS2007 server nicely sat in my POC domain. It works very nicely if I remote into the box.

Not much good to me though - I want users in our live domain to be able to log in and try things out over a conventional browser.

Typically in the past when I've had these kind of issues it is often the time sync between the two domains.

Remoting into the MOSS server and doing a net time /domain:poc shows me that it has bound onto a VM DC rather than one of my physical ones. I try to remote into the DC using my live domain credentials "trust relationship with trusted domain could not be verified". Ooo that's a good one!

Ok, just because I'm running out of ideas I shut down the VM DC, remove the MOSS from the domain and re-add it. It goes back in straight away no issues.

Great! Just to check I do a net time/domain:poc "No domain controller can be contacted".

Ok somehting very strange is now happening. I can't see the POC domain controllers? I can't see the live domain in the modify local groups dialogs. Hmm.

As a further experiment I do a runas notepad with credentials from the live domain. It runs. Ah. That's the final clue.

So it can see live DCs but not poc DCs. This is a FQDN issue!

The POC servers are actually fed their IP addresses via DHCP from the live domain except for a few static servers such as DCs, SQL servers, etc. Generally this isn't an issue but why is it now?

The reason is that previously I built all my VMs from a pre-rolled server and used NewSID to noble the new server. It caused me some issues with a beta of MOSS earlier on so this VM I decided to build from scratch.

Solution: Very simply add the poc domain suffix to the list of suffixes used in the DNS tab of the network settings.

All problems resolved and users now happily creating WIKI sites and the like.