Can't establish trust between 2 domains on same subnet

Posted on 2007-08-03
Last Modified: 2012-05-05

I have two separate domains on the same subnet. I'm unable to establish a trust between the two and suspect my DNS setup is incorrect. Here's the situation:
- DC1 is dc.domain1.local,
- DC2 is dc.domain2.local,
- Both domain controllers have DNS and WINS
- Both DCs are Windows 2003 Server Std.

I'm not really sure where to start. Any help is appreciated.

Question by:dekroon
    LVL 26

    Expert Comment

    Add a DNS forward lookup zone, crossing one to the other, e.g. DOMAIN1 needs to have a stub zone for DOMAIN2, and conversely for DOMAIN2 -> DOMAIN1.

    Ignore WINS for now (why bother if the neworks are Windows 2000+ through and through?).

    Try setting up the trusts using Active Directory Domains and Trust snap-in again and see where it leads you.



    Author Comment

    Thanks, MidnightOne

    When I attempt to create a stub zone I get "The zone cannot be created. The request is not supported."

    Author Comment

    I tried it again replicating only amongst DNS servers in the local domain and it worked. Do I want to use the remote DNS server to create a local ist of master servers?

    Author Comment

    I still get "cannot continue"
    "The New Trust Wizard cannot continue becuase the specified domain cannot be contacted.", etc.
    LVL 8

    Accepted Solution

    I have found stub zones to be less effective than full secondary copies.

    I would try making secondary copies of each domain in the other domain so...

    On DC.DOMAIN1.LOCAL, you need to create a secondary DNS zone for Domain2

    On DC.DOMAIN2.LOCAL, you need to create a secondary DNS zone for Domain1

    You will need to enable zone transfers for this to work.

    Author Comment

    Yep, ajbritton, that did the trick - secondary copies are on both servers and now the trust works fine.

    Thanks a bunch.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    New My Cloud Pro Series - organize everything!

    With space to keep virtually everything, the My Cloud Pro Series offers your team the network storage to edit, save and share production files from anywhere with an internet connection. Compatible with both Mac and PC, you're able to protect your content regardless of OS.

    Suggested Solutions

    Title # Comments Views Activity
    UNC paths question 18 56
    IPA client Config problems 2 53
    DMARC setting for EMail server 4 36
    RDP up only between 8am-13.00 pm ? 11 45
    On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
    Need more eyes on your posted question? Go ahead and follow the quick steps in this video to learn how to Request Attention to your question. *Log into your Experts Exchange account *Find the question you want to Request Attention for *Go to the e…
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

    794 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now