Solved

Setting up DNS with External Trust

Posted on 2009-05-15
1
417 Views
Last Modified: 2013-11-05
I have been tasked with creating a two-way trust relationship between our company (ABC.com with a Windows Server 2003 forest functional level) and our parent company (123.com with a Windows 2000 forest functional level).  Of course management wants this done yesterday.  We first plan on establishing a site-to-site VPN prior to creating the trust relationship and it seems as though our best, if not only, option would be to create an external trust between the two domains.  My main concern is how to properly setup DNS between the two domains.  I have read up a little on Secondary Zones, Stub Zones and Conditional Forwarders, but not entirely sure when to use each one and which would be the proper way of setting it up in this situation.  Any help would be greatly appreciated.

TIA,

Mark
0
Comment
Question by:mbruno22
1 Comment
 
LVL 70

Accepted Solution

by:
Chris Dent earned 250 total points
ID: 24399183

Hi Mark,

I would choose either Conditional Forwarders or Stub Zones.

Both can be AD Integrated (although you have to do that from the command line with DNSCMD) which reduces the overhead involved with setting them up.

Chris
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
RRAS AND DNS 15 44
JRNL_WRAP_ERROR issue in sysvol 20 29
Admin account lockout 10 36
Windows DNS Server Caching 3 28
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
This article runs through the process of deploying a single EXE application selectively to a group of user.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

775 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question