Solved

DNS resolution Problem from hosts of one forest to another

Posted on 2011-02-17
9
316 Views
Last Modified: 2012-05-11

There are 2 AD configured separately in different forest. I need users authenticated using 1 AD to be able to resolve DNS through AD 2  which are containing separate entries. AD1 and AD2 are able to resolved there DNS but not there hosts.
0
Comment
Question by:oppofwar
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
9 Comments
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 34915079
what happens if you ping full hsot name?

ping hostname.domain.com

?

probably your domains have no information in DNS suffix order. Create a GPO in each domain and define FQDN list for those domains.

In the first add

domain1.com (its domain)
domain2.com (remote domain)

in the second domain add

domain2.com (its domain)
domain1.com (remote domain)

Regards,
Krzysztof

0
 
LVL 3

Author Comment

by:oppofwar
ID: 34915204
I have entred the DNS entry in Forwarders , AD server is able to resolve to one another  But the Domain members are not able to resolve it
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 27

Expert Comment

by:KenMcF
ID: 34915209
iSiek, is correct. After reading your question agian it sounds like you are having problems with shortname resolution. Adding a domain suffix to your computers will fix this and using a GPO is the easiest way..
0
 
LVL 3

Author Comment

by:oppofwar
ID: 34915219
Isiek they are not able to resolve using FQDN also
0
 
LVL 27

Expert Comment

by:KenMcF
ID: 34915255
If they are not able to resolve FQDN then the conditional forwarders should have fixed that. Are you running 2003 or 2008 for your DNS servers? If 2003 you will need to add them on each server unless you add them to the application partition.
Is there a firewall between the servers?
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 34915350
Check Ken's suggestion and additionally type in command-line

nslookup hostnameDomainA.fqdn
nslookup hostnameDomainB.fqdn

and check if DNS server resolved those names.

Krzysztof
0
 
LVL 3

Accepted Solution

by:
oppofwar earned 0 total points
ID: 34925025
The problem has been resolved . There was a need for creation of stub zone.
0
 
LVL 3

Author Closing Comment

by:oppofwar
ID: 34959000
On both  server DNS Stub zone was created for DNS resolution .
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
A hard and fast method for reducing Active Directory Administrators members.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question