Solution 1:

I can set up the incoming side of the trust relationship on domain "a" so that it trusts domain "b".

This is strange. Because if the trust is incoming on domain a it means a is the trusted domain. ie: b trusts a.

Try to set the outgoing part of the trust first.

Your command tries to create the outgoing (trusting) part of the trust on domain b only. I think you need to set a trust password in this case. See: http://technet.microsoft.com/de-de/library/cc835085(WS.10).aspx

TRUSTING: Specifies to create or remove the trust object on the trusting domain. This value is valid only if you specify the /add or /remove parameter. The /passwordt parameter is required when you use the /add or /remove parameter.

Why do you use /oneside? Why not let netdom create both sides of the trust at once?

And make sure you don't have DCs with same names in both domains or else verification of the trust will fail.