Domain Trusts fail randomly

Posted on 2012-09-06
Last Modified: 2012-09-06
We have a 2003 domain.  I have created a 2008 domain.  The 2008 domain is at 2003 functional level.  The dns is resolving correctly both through ping and though nslookup on both domains.  However I have noticed on the 2003 domain that the dns will not replicate the secondary zone I created for the 2008 domain.  Would I be better to delete this record and try forwarding or stub zone?
Question by:jburns80
    LVL 2

    Assisted Solution

    Are you getting any error while creating secondary zone?? Have u checked DNS events at event viewer??

    Please check secure channel of your DC's by using following command

    nltest /server:[targetservername] /SC_QUERY

    if it is giving error then your trust might get failed-- then try to reset it

    nltest /server:[targetservername] /SC_RESET

    Author Comment

    SC_Query Failed and then SC_RESET resulted in access denied.
    LVL 53

    Assisted Solution

    by:Will Szymkowski
    "Would I be better to delete this record and try forwarding or stub zone?"

    I would have to agree it would be more efficient to create a forwarder as you will be getting the most up-to-date DNS entries on the opposite domain. Secondary Zones are fine within a domain but I would recommend using forwarders when implementing cross-forest querying.

    Hope this helps!

    Author Comment

    Would I need to create the forward on all domain controllers?  We have 3 on site for the 2003 domain.
    LVL 53

    Accepted Solution

    Yes you would set these up on all DNS servers in your environment.

    Author Comment

    Thanks for your help guys.  I believe this was failing due to the forwarding only being set on one DC.  Your testing and insight helped.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Free book by J.Peter Bruzzese, Microsoft MVP

    Are you using Office 365? Trying to set up email signatures but you’re struggling with transport rules and connectors? Let renowned Microsoft MVP J.Peter Bruzzese show you how in this exclusive e-book on Office 365 email signatures. Better yet, it’s free!

    Citrix XenApp, Internet Explorer 11 set to Enterprise Mode and using central hosted sites.xml file.
    You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
    To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
    This tutorial will show how to inventory, catalog, and restore media from legacy versions of Backup Exec into both 2012 and 2014 versions of the software. Select Storage from the tabs along the ribbon bar as the top: Ensure the proper storage devi…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now