Solved

Setting up DNS with External Trust

Posted on 2009-05-15
1
421 Views
Last Modified: 2013-11-05
I have been tasked with creating a two-way trust relationship between our company (ABC.com with a Windows Server 2003 forest functional level) and our parent company (123.com with a Windows 2000 forest functional level).  Of course management wants this done yesterday.  We first plan on establishing a site-to-site VPN prior to creating the trust relationship and it seems as though our best, if not only, option would be to create an external trust between the two domains.  My main concern is how to properly setup DNS between the two domains.  I have read up a little on Secondary Zones, Stub Zones and Conditional Forwarders, but not entirely sure when to use each one and which would be the proper way of setting it up in this situation.  Any help would be greatly appreciated.

TIA,

Mark
0
Comment
Question by:mbruno22
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 71

Accepted Solution

by:
Chris Dent earned 250 total points
ID: 24399183

Hi Mark,

I would choose either Conditional Forwarders or Stub Zones.

Both can be AD Integrated (although you have to do that from the command line with DNSCMD) which reduces the overhead involved with setting them up.

Chris
0

Featured Post

Get HTML5 Certified

Want to be a web developer? You'll need to know HTML. Prepare for HTML5 certification by enrolling in July's Course of the Month! It's free for Premium Members, Team Accounts, and Qualified Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question