<div>
<div class="content wysiwyg-content">
I have been tasked with creating a two-way trust relationship between our company (ABC.com with a Windows Server 2003 forest functional level) and our parent company (123.com with a Windows 2000 forest functional level). &nbsp;Of course management wants this done yesterday. &nbsp;We first plan on establishing a site-to-site VPN prior to creating the trust relationship and it seems as though our best, if not only, option would be to create an external trust between the two domains. &nbsp;My main concern is how to properly setup DNS between the two domains. &nbsp;I have read up a little on Secondary Zones, Stub Zones and Conditional Forwarders, but not entirely sure when to use each one and which would be the proper way of setting it up in this situation. &nbsp;Any help would be greatly appreciated.<br />
<br />
TIA,<br />
<br />
Mark
</div>
</div>


I have been tasked with creating a two-way trust relationship between our company (ABC.com with a Windows Server 2003 forest functional level) and our parent company (123.com with a Windows 2000 forest functional level).  Of course management wants this done yesterday.  We first plan on establishing a site-to-site VPN prior to creating the trust relationship and it seems as though our best, if not only, option would be to create an external trust between the two domains.  My main concern is how to properly setup DNS between the two domains.  I have read up a little on Secondary Zones, Stub Zones and Conditional Forwarders, but not entirely sure when to use each one and which would be the proper way of setting it up in this situation.  Any help would be greatly appreciated.

TIA,

Mark

Setting up DNS with External Trust

The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.