Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Need assistance with DNS/Trust issue.

Status
Not open for further replies.
zalaska

zalaska

IS-IT--Management
Joined
Sep 12, 2007
Messages
52
Location
US
Hello all. I am sure that someone with a good DNS background etc. might be able to give me a hand. I have a one forest network containing two separate leaf domains (domain A, and domain B). Each of these domains have a DNS forwarder pointed to an external DNS server to get to the internet for microsoft updates etc., this works fine. The DC in domain A can ping the DC in domain B. The DC in domain B cannot ping the DC in domain A (ping request cannot find host dc01.a.local) . There is definitely a DNS issue, and I am having an issue with the trust (DNS issue). I need to be able to set up a trust between these two domains. Both servers are Server 2008 and are in a mockup. I am in a pickle and need to get this resolved.
 
Sort by date Sort by votes
Please post the IPCONFIGs of both servers.

Generally speaking, the DNS servers in one domain need to know where to go to resolves names in the other domain, and since the domains are internal (assuming) then the external DNS doesn't know anything about it (which is as it should be). You just need to tell each domain/DNS server where to go.

I typically use stub zones in this situation. Create a stub zone on the DNS server for DomainA that points to the DNS servers for DomainB. Create a sub zone on the DNS server for DomainB that points to the DNS servers for DomainA. After that they should be able to resolve just fine. What this will do is cause the DNS server in one domain to contact the DNS servers in the other domain any time that it needs to resolve a name. For smaller networks this is more than sufficient, but with larger networks it can result in a lot of additional DNS traffic.

In those larger networks you will probably want to use a secondary zone instead of a stub zone. A server with secondary zone gets a copy of the zone file from the primary DNS server so that it does not have to constantly query other DNS servers for the correct information, but by doing so you increase the chances of the zone data being outdated.



________________________________________
CompTIA A+, Network+, Server+, Security+
MCTS:Windows 7
MCSE:Security 2003
MCITP:Server Administrator
MCITP:Enterprise Administrator
MCITP:Virtualization Administrator 2008 R2
Certified Quest vWorkspace Administrator
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

techbrain1
  • Locked
  • Question Question
Trust relationship issue
Replies
3
Views
1K
araheusaff
araheusaff
techbrain1
  • Question Question
Explorer Error the operating system is not compatible with this product
Replies
0
Views
276
techbrain1
techbrain1
rzammit82
  • Locked
  • Question Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
1K
suncit
suncit
ravalos
  • Locked
  • Question Question
Problem with PDFs in IIS
Replies
1
Views
2K
gbaughma
gbaughma
pomazip
  • Locked
  • Question Question
Windows Server 2019 mac address issue
Replies
2
Views
1K
pomazip
pomazip

Part and Inventory Search

Sponsor

Back
Top