Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 549
  • Last Modified:

Domain Trusts fail randomly

We have a 2003 domain.  I have created a 2008 domain.  The 2008 domain is at 2003 functional level.  The dns is resolving correctly both through ping and though nslookup on both domains.  However I have noticed on the 2003 domain that the dns will not replicate the secondary zone I created for the 2008 domain.  Would I be better to delete this record and try forwarding or stub zone?
0
jburns80
Asked:
jburns80
  • 3
  • 2
3 Solutions
 
GanparCommented:
Are you getting any error while creating secondary zone?? Have u checked DNS events at event viewer??

Please check secure channel of your DC's by using following command

nltest /server:[targetservername] /SC_QUERY

if it is giving error then your trust might get failed-- then try to reset it

nltest /server:[targetservername] /SC_RESET
0
 
jburns80Author Commented:
SC_Query Failed and then SC_RESET resulted in access denied.
0
 
Will SzymkowskiSenior Solution ArchitectCommented:
"Would I be better to delete this record and try forwarding or stub zone?"

I would have to agree it would be more efficient to create a forwarder as you will be getting the most up-to-date DNS entries on the opposite domain. Secondary Zones are fine within a domain but I would recommend using forwarders when implementing cross-forest querying.

Hope this helps!
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
jburns80Author Commented:
Would I need to create the forward on all domain controllers?  We have 3 on site for the 2003 domain.
0
 
Will SzymkowskiSenior Solution ArchitectCommented:
Yes you would set these up on all DNS servers in your environment.
0
 
jburns80Author Commented:
Thanks for your help guys.  I believe this was failing due to the forwarding only being set on one DC.  Your testing and insight helped.
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now