Solved

Setting up a domain trust relationship

Posted on 2008-10-13
2
886 Views
Last Modified: 2012-05-05
I need to setup a Windows Server 2003 domain trust between different domains in different forests. I have attempted to configure DNS but I can only ping the domain controller but not the other domain.

- How do I configure DNS to see the other domain.
- Once that is done, what do I need to do to do a two way trust.
0
Comment
Question by:brjensen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 30

Assisted Solution

by:LauraEHunterMVP
LauraEHunterMVP earned 20 total points
ID: 22707450
To configure DNS in 2003 to allow name resolution for trusts, you have 3 options:

[1] Create a secondary zone for DomainB on the DNS servers in DomainA, and vice versa.
[2] Configure a conditional forwarder on the DNS servers in DomainA to forward all queries for DomainB to the DNS servers in DomainB, and vice versa.
[3] Create a stub zone in DomainA referencing the DNS servers in DomainB, and vice versa.

Once you have name resolution functioning in both directions, creating a trust is wizard-based and fairly simplistic.
0
 
LVL 8

Accepted Solution

by:
StrongBad_Rules earned 30 total points
ID: 22707490
Ensure that Domain Name System (DNS) is properly set up.

If there is a root DNS server that can be made the root DNS server for both of the forest DNS namespaces, make it the root server by ensuring that the root zone contains delegations for each of the DNS namespaces. Also, update the root hints of all DNS servers with the new root DNS server.

If there is no shared root DNS server and the root DNS servers for each forest DNS namespace are running a member of the Windows Server 2003 family, configure DNS conditional forwarders in each DNS namespace to route queries for names in the other namespace.

If there is no shared root DNS server, and the root DNS servers for each forest DNS namespace are not running a member of the Windows Server 2003 family, configure DNS secondary zones in each DNS namespace to route queries for names in the other namespace.
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question