Solved

DNS between two separate domains

Posted on 2014-04-16
7
625 Views
Last Modified: 2014-04-17
I have two separate domains right now that can ping each other by IP address but not by hostnames. Temporarily I need DNS to work for these two domains. How would I go about setting that up?
I tried creating new zones but I can't get the two to talk using hostnames.

One is a 2008 environment and the other is a 2003 environment.
0
Comment
Question by:Winsoup
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 10

Assisted Solution

by:Korbus
Korbus earned 150 total points
ID: 40004433
I'm NOT positive on this, lets see if other experts agree:  Configure the primary forwarders on each DNS server to reference the other.

I'm assuming these two DNS servers are on the same LAN.  If not please let us know, it may be firewall\routing\networking issues presenting comm.
0
 
LVL 37

Assisted Solution

by:Mahesh
Mahesh earned 150 total points
ID: 40004623
Try below

You may use GPO \ registry \ manual method to add DNS suffix search list of opposite domains in network card properties \ advanced \ DNS tab of required machines at both end

Note that 1st domain in the list must be client own domain followed by other \ opposite domain, other wise client own domain name resolution and authentication will break

GPO setting "DNS Suffix search list" can be found under
Computer configuration\administrative templates\Network\Dns Client

Note that domain names must be entered one by one separated by comma with 1st domain of client own (Very IMP) without inverted comma

This will enable you DNS name resolution for another domain host names as well
Client will query 1st its own domain for record, if not found it will search another domain in list and it will resolve it if found

Note that in order to find another domain, on both domain DNS servers you must specify conditional forwarder \ secondary zones for opposite side domain pointing to its domain controller

Also note that TCP port 53 must be opened between both side domain controllers bi-directional in order to make this work

Mahesh.
0
 
LVL 3

Author Comment

by:Winsoup
ID: 40004878
I'll try these suggestions and get back to you guys on how it goes.
0
SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.

 
LVL 26

Accepted Solution

by:
DrDave242 earned 200 total points
ID: 40005808
Conditional forwarders or stub zones are the preferred methods of providing DNS resolution between domains. They go about it in different ways, but from the client perspective, the results are the same: machines in one domain can resolve FQDNs in the other.

Let us know if you need assistance configuring either one.
0
 
LVL 3

Author Comment

by:Winsoup
ID: 40006514
When I ping the domain name that I am trying to reach I get back an IP address of their old mail server which is not in use anymore.
Also when I added their DC to our DNS server as a forwarder it says that it's not authoritative, but it is. Will just deleting the entry for the old mail server take care of this or is there a way to tell it what the authoritative server is?
0
 
LVL 26

Assisted Solution

by:DrDave242
DrDave242 earned 200 total points
ID: 40006778
I've seen the "not authoritative" thing before when adding a conditional forwarder, even though the server I was adding was indeed authoritative. In my case, name resolution still worked fine, so I think it's just a glitch.

When I ping the domain name that I am trying to reach I get back an IP address of their old mail server which is not in use anymore.
There's probably a blank host record with that IP address on their DNS server. If that server isn't in use anymore, the record should be deleted. Blank host records in an AD domain should only be used to designate domain controllers.
0
 
LVL 3

Author Closing Comment

by:Winsoup
ID: 40006895
It's all working now. Getting rid of those old records cleaned up the last of the issues I had.
Thank you all for the suggestions.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I will assume you are running a non-server version of some sort of Windows throughout this article. There are many flavors of Windows since Windows Server 2000 - 2008, XP Home & Pro, Vista Home & Pro, and Windows 7 Starter, Home, Pro, Ultimate, etc.…
Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question