trust relationshit between 2000 and 2008

Posted on 2009-04-29
Last Modified: 2012-05-06
I am planning to migrate our current 2000 Domain (abc.local) to a 2008 Domain (xyz.local in 2003 mode).  My current config is 2000 Domain with its own DNS Server and the new domain is a 2008 Doman with its own DNS Server.

I setup a trust from 2008 to 2000 and it seems to be ok.  When I try to setup the trust from 2000 to 008, it tells me it cannot verify the Trust as the xyz.local domain cannot be contacted.

What would be the requirements and procedure to perform this please?

Question by:adexio
    LVL 10

    Accepted Solution

    It seems like the DNS isnt setup on Windows 2000 domain to lookup the 2008 domain.

    In your Windows 2000 Domain, Open DNS and setup up a forwarder for xyz.local(your 2008 domain)

    After doing this, you should be able to nslook the xyz.local domain and it should list the ip addressess of DCs in the xyz.local domain.

    if everything is setup, and you are still unable to verify the trust, with the same error xyz.local domain cannot be contacted, then resort to the old fashioned host file way.

    Open your host file on windows 2000 domain controller and make an entry for your xyz.local domain pointing to the 2008 Domain Controller. This should do the trick.

    and i've made an assumption here that you have  taken care of the routing , if the windows 2000 and windows 2008 domains are on different networks/subnets.


    Author Closing Comment

    Perfect!!  That was my exact problem.
    LVL 10

    Expert Comment

    glad to be of help.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Join & Write a Comment

    Companies that have implemented Microsoft’s Active Directory need to ensure that the Active Directory is configured and operating properly. If there are issues found and not resolved, it eventually leads the components to fail or stop working and fi…
    Do you have users whose passwords are expiring and they are constantly calling you?  Well I sure did and needed a way to put an end to this.  We have a lot of remote users which would not be notified that their passwords were expiring since they wer…
    This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

    733 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now