Unable to establish trust on 2K8 R2 functional domains due to DNS namespace overlapping at COOP
Posted on 2014-03-10
I built a COOP site domain to work as a warm site. Because this is a secure network I was forced to complete the site/domain configurations before I was able to connect the two sites. My first site domain is work.site.com, and I wanted my backup site to be created as a new site, so I selected coop.work.site.com. When I connected the sites I found that I created a DNS scenario where lookups from work.site.com are not forwarding to coop.work.site.com because it believes it is authoritative. Lookups from coop.work.site.com do successfully find servers on work.site.com. Now I am stuck with the domain migration becuase I cannot even establish a two way trust due to DNS failures.
I will have a very hard time changing the structure of the domain namespace at the COOP due to the fact that certificates have been issued and our security posture has been approved, so major changes will be scrutinized. I do have full control of the domain migration process and the DNS, AD, Trusts, and Sites.
Have I engineered myself into a corner? How do I configure the routing to begin my migration?