Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Question re conditional forwarder difference between 2003 and 2008 R2

Posted on 2010-09-06
1
Medium Priority
?
1,007 Views
Last Modified: 2012-06-27
I may not have a real problem, but need some validation.

In a test environment, I'm trying to set up a forest to forest trust between a 2008 R2 forest and a 2003 SP2 forest. The 2008R2 forest is abc.local, and the 2003 forest is def.local. Both sites are connected via a VPN with the Windows firewall disabled on both ends. From both sides, I can ping the respective DNS servers by IP address.

On the 2003 DNS server/ DC, I can cleanly create a conditonal forwarder to the 2008R2 forest. Specifically, in the Forwarders tab of the 2003 DC,  I typed abc.local and gave it an address of 192.168.33.22. From the 2003 box, I can now ping the domain and all of the server names inside abc.local.

On the 2008 box, under the Conditional Forwarders folder, I can add the IP address of the def.local server, but only its NETBIOS name (i.e., 2003SERVER1). Unlike 2003, I can't add the FQDN or the domain name.

When I click GO, it creates the object under conditonal forwarders and assigns the correct domain name. I can now ping def.local and the server names in def.local from the abc.local domain.

So two questions:
1. Is this the proper configuration for the 2008 server?
2. How did Windows figure out that the 2003SERVER1 was authoritative for the def.local domain?

Thanks.

0
Comment
Question by:ovidbailey
1 Comment
 

Accepted Solution

by:
ovidbailey earned 0 total points
ID: 33614212
Seems to be working fine, must be the proper configuration.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question