DNS resolution across domains

[Ian Webster]

I have two AD W2K forests on seperate subnets which use DNS for name
resolution and I am attempting to establish a two way trust relationship
between them. However, the DCs cannot resolve each other so I get the error
that the DC for the remote domain cannot be contacted.

What do I need to add to the DNS service on each domain to allow them to see
each other?

Thanks in advance for any help.

Regards,

Ian

 

[William Stacey]

Assume from your post that these are two different forests with diff domain
names.
Create a secondary zone on each server of the zone on the other server. The
primary IP asked for when creating the zone will be the other servers public
DNS interface. After creating the zone, you should see the records of the
master zone automatically or may have to force an xfr. Do one at a time.
Now both servers should be able to resolve domain names from each other (and
hence client resolvers of dns servers.) HTH. Happy Holiday!

 

[Ace Fekay [MVP]]

In

Assume from your post that these are two different forests with diff
domain names.
Create a secondary zone on each server of the zone on the other
server. The primary IP asked for when creating the zone will be the
other servers public DNS interface. After creating the zone, you
should see the records of the master zone automatically or may have
to force an xfr. Do one at a time. Now both servers should be able
to resolve domain names from each other (and hence client resolvers
of dns servers.) HTH. Happy Holiday!

Hi William,

Just a reminder and to add, trusts between two domains in different forests
in W2k use NTLM authenticatio which is NetBIOS based and not Kerberos, which
is DNS based. So my suggestion to that is to use WINS.... If W2k3, then
that's another story...

Cheers!

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory