66 Chapter 3 Preparing the TAPI environment213346.02Remote procedure calls and trust relationshipsWhen a remote TAPI client communicates with a TAPI server, two remoteprocedure calls (RPCs) are required. This requirement often causes problemsbecause network administrators do not usually configure their networks to allowreverse RPC requests which are not necessary for most network services.Telephony services are an exception because they rely on domain-basedvalidation, which requires reverse RPCs.In a typical TAPI call, the following communication occurs:• The client sends an RPC request to the TAPI server over a TCP/IPconnection.• The TAPI server verifies the client by communicating with the primarydomain controller of the server machine domain.• If the server machine domain trusts the user domain, the client is validatedand the TAPI server looks up what lines the clients has permission to use.• The TAPI Server sends a second (reverse) RPC request to the primary domaincontroller for the client machine domain to verify the client.• If the client machine domain trusts the server user domain, the validationsucceeds.In this example, the following trust relationships are necessary:• The server machine domain must trust the server user domain.• The client machine domain must trust the client user domain to enable clientusers to log in.Trust relationships are simplified if the server machine domain is the same as theserver user domain, or if the user machine domain is the same as the user domain.These groups can be configured as members of just one domain, or they can beconfigured as four separate domains, depending on network requirements.Microso fNote: The behaviour described in this section does not occur in anetwork where Windows 2000 client machines are validated by aWindows 2000 or Windows 2003 server. A second RPC is not required insuch a network configuration.