Creating a domain trust

We have 2 seperate domains which are in seperate forests. They are not in the same Domain namespace. They are physically in the same network. Both domains are Windows 2003 domains. I have the administrator privilages in both domains. I would like to create 2 way trust between the 2 domains. When I start the wizard on Domain A and type the DNS name for  Domain B, it says "The name you specified is not a valid Windows domain name. Is the specified name a Kerberos V5 realm?". When I retype the DNS domain name for the Domain B the wizard says cannot continue: ""the new trust wizard cannot continue because the specified domain cannot be contacted".
When I attemp to create the trust from Domain B, it went  through and created the trust. And now I can see it on Domain A's trusted domains list.
I would like to know if the reason not allowing me to do it from Domain A WILL cause some other problems when we need the trust to work. So I would like to find out what might have caused that. I thought this was a DNS issue.
Any comments are appreciated.
Thanks
ArzuGouldAsked:
Who is Participating?
 
smilerzCommented:
The secondary DNS is only used when the primary address is unavailable.  It won't query both.
Forwarders are completely appropriate in this configuration.
0
 
smilerzCommented:
Can the server that is having the issue resolve the DNS domain name of the other domain?
0
 
ArzuGouldAuthor Commented:
No. That is the problem. I can ping domain A from Domain B, but cannot do the opposite. DNS settings look the same.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
smilerzCommented:
Both servers are using the same DNS servers?
0
 
ArzuGouldAuthor Commented:
Both domain has their own DNS servers. But they also have each other's DNS as the alternative DNS servers.
The only difference between their TCP/IP DNS settings is: Domain A has the Symantec gateway's IP address as the alternate DNS server (for Internet name resolution) , but it has Domain B's IP address listed under  the Advanced TCP/IP properties DNS tab. Domain B does not have the gateway's IP address as the alternate DNS server
0
 
smilerzCommented:
OK, what you need to do is either:
1) transfer the zones between the DNS servers
2) setup a forwarded so that DNS requests are sent to the proper DNS server
0
 
ArzuGouldAuthor Commented:
Yes, I did not want to transfer the zones so I set up the forwarders on Domain  A to forward queries for the names in Domain B to the Domain B's DNS server. Now I can ping Domain B.

But for me questions still remains why it did not resolve with Domain B's DNS IP address was listed under the Advanced TCP/IP settings-->DNS tab. The only reason I can think of is that it is trying to append primary and connection specific DNS suffixes.

IS it a better practice to configure that settings under Advanced TCP/IP properties instead of using forwarders?

Thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.