Managing Active Directory can get complicated. Often, the native tools for managing AD are just not up to the task. The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.
COURSE of the MONTH
10 days, 21 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Domain Trust with a domain that does not have a FQDN
Posted on 2013-01-28
Hi,
I have inherited 2 domains. One of my domains when it was created, was created with a Non FQDN naming structure. Instead of being domainname.local, it is just domainname.
I want to be able to create a trust between my 2 domains. I can create a trust from the Non FQDN domain to my FQDN domain, but I cannot create a trust the other way around.
domainname > domainname1.local trust works
domainname1.local > domainname will not work.
Is there a way around this or do I see a domain re-name in my future?
Thanks for any help
Stu.
I have inherited 2 domains. One of my domains when it was created, was created with a Non FQDN naming structure. Instead of being domainname.local, it is just domainname.
I want to be able to create a trust between my 2 domains. I can create a trust from the Non FQDN domain to my FQDN domain, but I cannot create a trust the other way around.
domainname > domainname1.local trust works
domainname1.local > domainname will not work.
Is there a way around this or do I see a domain re-name in my future?
Thanks for any help
Stu.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
2-
2
5 Comments
What type of domain is the FQDN-less running? It has to have some kind of DNS infrastructure, unless it is NT 4.0. Active Directory needs DNS to get up and running.
Domain is Windows Active Directory (running at Server 2003 level).
Domain name is domainname
DNS is running and passes all tests.
DNS also referenences just domainname with no FQDN ext.
So the name server in DNS would be nameserver.domainname. with no ext.
Hope this make sense. AD functions correctly in this domain, justt the trust will not build.
Thanks
Stu
Domain name is domainname
DNS is running and passes all tests.
DNS also referenences just domainname with no FQDN ext.
So the name server in DNS would be nameserver.domainname. with no ext.
Hope this make sense. AD functions correctly in this domain, justt the trust will not build.
Thanks
Stu
How about making an additional DNS zone with a proper FQDN, alongside the existing zone? A "domain.lan", or whatever you like and integrate that into Active Directory, so all of the glue records populate and replicate? I would make a System State backup before doing this...
Active 2 days ago
I have inherited 2 domains. One of my domains when it was created, was created with a Non FQDN naming structure. Instead of being domainname.local, it is just domainname.That's known as a single-label domain name. In DNS terms, each element of an FQDN is a label, so a domain named mydomain.com has two labels, mydomain and com. Single-label domains are problematic in AD; this KB article has some general information about why this is the case.
You may want to try the steps listed here to make the trust work, but in the long run you'll be better off either renaming or migrating away from that single-label domain.
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s
ManageEngine
webinar, where attendees received a comprehensive look at the ma…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008.
Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses
Course of the Month10 days, 21 hours left to enroll
770 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.