• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1244
  • Last Modified:

Can't establish trust between 2 domains on same subnet


I have two separate domains on the same subnet. I'm unable to establish a trust between the two and suspect my DNS setup is incorrect. Here's the situation:
- DC1 is dc.domain1.local,
- DC2 is dc.domain2.local,
- Both domain controllers have DNS and WINS
- Both DCs are Windows 2003 Server Std.

I'm not really sure where to start. Any help is appreciated.

  • 4
1 Solution
Add a DNS forward lookup zone, crossing one to the other, e.g. DOMAIN1 needs to have a stub zone for DOMAIN2, and conversely for DOMAIN2 -> DOMAIN1.

Ignore WINS for now (why bother if the neworks are Windows 2000+ through and through?).

Try setting up the trusts using Active Directory Domains and Trust snap-in again and see where it leads you.


dekroonAuthor Commented:
Thanks, MidnightOne

When I attempt to create a stub zone I get "The zone cannot be created. The request is not supported."
dekroonAuthor Commented:
I tried it again replicating only amongst DNS servers in the local domain and it worked. Do I want to use the remote DNS server to create a local ist of master servers?
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

dekroonAuthor Commented:
I still get "cannot continue"
"The New Trust Wizard cannot continue becuase the specified domain cannot be contacted.", etc.
I have found stub zones to be less effective than full secondary copies.

I would try making secondary copies of each domain in the other domain so...

On DC.DOMAIN1.LOCAL, you need to create a secondary DNS zone for Domain2

On DC.DOMAIN2.LOCAL, you need to create a secondary DNS zone for Domain1

You will need to enable zone transfers for this to work.
dekroonAuthor Commented:
Yep, ajbritton, that did the trick - secondary copies are on both servers and now the trust works fine.

Thanks a bunch.


Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now