Solved

Question re conditional forwarder difference between 2003 and 2008 R2

Posted on 2010-09-06
1
997 Views
Last Modified: 2012-06-27
I may not have a real problem, but need some validation.

In a test environment, I'm trying to set up a forest to forest trust between a 2008 R2 forest and a 2003 SP2 forest. The 2008R2 forest is abc.local, and the 2003 forest is def.local. Both sites are connected via a VPN with the Windows firewall disabled on both ends. From both sides, I can ping the respective DNS servers by IP address.

On the 2003 DNS server/ DC, I can cleanly create a conditonal forwarder to the 2008R2 forest. Specifically, in the Forwarders tab of the 2003 DC,  I typed abc.local and gave it an address of 192.168.33.22. From the 2003 box, I can now ping the domain and all of the server names inside abc.local.

On the 2008 box, under the Conditional Forwarders folder, I can add the IP address of the def.local server, but only its NETBIOS name (i.e., 2003SERVER1). Unlike 2003, I can't add the FQDN or the domain name.

When I click GO, it creates the object under conditonal forwarders and assigns the correct domain name. I can now ping def.local and the server names in def.local from the abc.local domain.

So two questions:
1. Is this the proper configuration for the 2008 server?
2. How did Windows figure out that the 2003SERVER1 was authoritative for the def.local domain?

Thanks.

0
Comment
Question by:ovidbailey
1 Comment
 

Accepted Solution

by:
ovidbailey earned 0 total points
ID: 33614212
Seems to be working fine, must be the proper configuration.
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question