Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Setting up DNS with External Trust

Posted on 2009-05-15
1
Medium Priority
?
424 Views
Last Modified: 2013-11-05
I have been tasked with creating a two-way trust relationship between our company (ABC.com with a Windows Server 2003 forest functional level) and our parent company (123.com with a Windows 2000 forest functional level).  Of course management wants this done yesterday.  We first plan on establishing a site-to-site VPN prior to creating the trust relationship and it seems as though our best, if not only, option would be to create an external trust between the two domains.  My main concern is how to properly setup DNS between the two domains.  I have read up a little on Secondary Zones, Stub Zones and Conditional Forwarders, but not entirely sure when to use each one and which would be the proper way of setting it up in this situation.  Any help would be greatly appreciated.

TIA,

Mark
0
Comment
Question by:mbruno22
1 Comment
 
LVL 71

Accepted Solution

by:
Chris Dent earned 1000 total points
ID: 24399183

Hi Mark,

I would choose either Conditional Forwarders or Stub Zones.

Both can be AD Integrated (although you have to do that from the command line with DNSCMD) which reduces the overhead involved with setting them up.

Chris
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question