Solved

Multiple Domains, Multiple DNS, over VPN

Posted on 2013-01-28
5
608 Views
Last Modified: 2013-01-31
Hello,

we have two facilities connected by an open VPN tunnel between them.  Each one has its own AD, DC and its own DNS.  but of course we need to share information between the two.

I have been working to get the DNS for DomainA available to DomainB and vice versa, and i have been 50% successful to this point.  

for some reason, I have been able forward the DNS from DomainA to DomainB, but I cannot get the DNS on DomainB to load on the DomainA server.  

When I attempt to add this zone to the DomainA server I get an error stating that "the server with this ip is not authoritative for the required zone"

which is where my confusion is....to my knowledge I have the same settings on both servers, so I am not sure why this one won't set up?

I have DomainA listed as a Name server on DomainB and setup DomainB to allow zone transfers to any servers listed as a NS.

anything glaring that I should check?

one other thing I have noticed is that when at DomainB, if I want to search for a computer on DomainA, I have to enter the FQDN and not just the DNS name in order to find it?  is that normal?
0
Comment
Question by:redekopmfg
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 82

Accepted Solution

by:
David Johnson, CD, MVP earned 500 total points
ID: 38828603
I have DomainA listed as a Name server on DomainB and setup DomainB to allow zone transfers to any servers listed as a NS.

not the way I'd do it.. I'd keep the domains separate.
Then in AD sites and services establish a two way trust between the two domains.
0
 
LVL 16

Expert Comment

by:choward16980
ID: 38828890
You need to allow authoritative transfers from this zone.

http://technet.microsoft.com/en-us/library/cc770984.aspx
0
 

Author Comment

by:redekopmfg
ID: 38832227
Hi ve3ofa,

I had not thought of that approach, and like that idea......

I have attempted to do that now, but the DNS issue that I am experiencing seems to be affecting this as well.

I created the trust from DomainB, it completes the wizard, but then when I attempt to validate it I get an error stating that: "There are currently no logon servers available to service the logon request."

if I go to DomainA and attempt to validate, I get this error: "Windows cannot find an active directory domain controller for the domainB.com domain.  Verify that an AD DC is available and then try again"
0
 
LVL 11

Expert Comment

by:hecgomrec
ID: 38833244
Set the sites to work separated.

Once you have them like that make sure the networks are in different 192.168.1.0 / 192.168.2.0 like this you are sure there are no collisions in your setting.

Second step, add in each domain the address of the other DNS as a primary DNS server for the other.

Users connecting to the shares should exist on both sides.

Good Luck
0
 

Author Closing Comment

by:redekopmfg
ID: 38839741
I was able to resolve my DNS issues, and this is working well.  Thanks
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question