Solved

DNS between two separate domains

Posted on 2014-04-16
Last Modified: 2014-04-17
I have two separate domains right now that can ping each other by IP address but not by hostnames. Temporarily I need DNS to work for these two domains. How would I go about setting that up?
I tried creating new zones but I can't get the two to talk using hostnames.

One is a 2008 environment and the other is a 2003 environment.
Question by:Winsoup
7 Comments
 
LVL 10

Assisted Solution

by:Korbus
Korbus earned 150 total points
ID: 40004433
I'm NOT positive on this, let's see if other experts agree: Configure the primary forwarders on each DNS server to reference the other.

I'm assuming these two DNS servers are on the same LAN. If not, please let us know; it may be firewall\routing\networking issues preventing comm.
0
 
LVL 36

Assisted Solution

by:Mahesh
Mahesh earned 150 total points
ID: 40004623
Try below

You may use the GPO \ registry \ manual method to add a DNS suffix search list of the opposite domains in network card properties \ advanced \ DNS tab of the required machines at both ends.

Note that the 1st domain in the list must be the client's own domain, followed by the other \ opposite domain; otherwise the client's own domain name resolution and authentication will break.

GPO setting "DNS Suffix search list" can be found under
Computer configuration\administrative templates\Network\Dns Client

Note that domain names must be entered one by one, separated by commas, with the client's own domain 1st (Very IMP), without inverted commas.

This will enable DNS name resolution for the other domain's host names as well.
The client will first query its own domain for the record; if it is not found, it will search the other domain in the list and resolve it if found.

Note that in order to find the other domain, on both domains' DNS servers you must specify a conditional forwarder \ secondary zone for the opposite side's domain, pointing to its domain controller.

Also note that TCP port 53 must be opened bi-directionally between both sides' domain controllers in order to make this work.

Mahesh.
0
 
LVL 3

Author Comment

by:Winsoup
ID: 40004878
I'll try these suggestions and get back to you guys on how it goes.
0
 
LVL 26

Accepted Solution

by:DrDave242
DrDave242 earned 200 total points
ID: 40005808
Conditional forwarders or stub zones are the preferred methods of providing DNS resolution between domains. They go about it in different ways, but from the client perspective, the results are the same: machines in one domain can resolve FQDNs in the other.

Let us know if you need assistance configuring either one.
0
 
LVL 3

Author Comment

by:Winsoup
ID: 40006514
When I ping the domain name that I am trying to reach I get back an IP address of their old mail server which is not in use anymore.
Also when I added their DC to our DNS server as a forwarder it says that it's not authoritative, but it is. Will just deleting the entry for the old mail server take care of this or is there a way to tell it what the authoritative server is?
0
 
LVL 26

Assisted Solution

by:DrDave242
DrDave242 earned 200 total points
ID: 40006778
I've seen the "not authoritative" thing before when adding a conditional forwarder, even though the server I was adding was indeed authoritative. In my case, name resolution still worked fine, so I think it's just a glitch.

"When I ping the domain name that I am trying to reach I get back an IP address of their old mail server which is not in use anymore."
There's probably a blank host record with that IP address on their DNS server. If that server isn't in use anymore, the record should be deleted. Blank host records in an AD domain should only be used to designate domain controllers.
0
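
The conditional-forwarder setup from the accepted solution and the stale blank-host-record check from the reply above, as an added example that is not part of any poster's reply. It uses dnscmd, nslookup and ipconfig; the zone name, host name and IP addresses are placeholders, and the script is meant to be run on one domain's DNS server and then repeated on the other side with the values swapped.

```bat
@echo off
rem Added example. All names and addresses below are placeholders (assumptions).
set REMOTE_ZONE=corp-b.example
set REMOTE_DC=198.51.100.10
set REMOTE_HOST=fileserver.corp-b.example

rem 1. Before forwarding to the remote DC, confirm it answers for its own zone.
rem    DNS queries normally use UDP 53 and fall back to TCP 53 for large
rem    answers, so test both; -vc forces nslookup to use TCP.
nslookup -type=SOA %REMOTE_ZONE% %REMOTE_DC%
nslookup -vc -type=SOA %REMOTE_ZONE% %REMOTE_DC%

rem 2. Create the conditional forwarder. Only queries for REMOTE_ZONE are
rem    sent to REMOTE_DC; all other names resolve exactly as before.
dnscmd /ZoneAdd %REMOTE_ZONE% /Forwarder %REMOTE_DC%
dnscmd /ZoneInfo %REMOTE_ZONE%

rem 3. Clear cached answers on the server and on this machine, then resolve
rem    a remote FQDN through the local DNS server to prove the forwarder works.
dnscmd /ClearCache
ipconfig /flushdns
nslookup %REMOTE_HOST% 127.0.0.1

rem 4. List the blank ("same as parent folder") A records of the remote zone.
rem    Every address returned should belong to a current domain controller;
rem    anything else (for example a retired mail server) is a stale record.
nslookup -type=A %REMOTE_ZONE% %REMOTE_DC%

rem 5. To remove a stale blank record, run this ON THE SERVER HOSTING THE ZONE,
rem    replacing the placeholder address with the stale one found in step 4:
rem    dnscmd /RecordDelete %REMOTE_ZONE% @ A 198.51.100.25
```

If step 1 fails over TCP but succeeds over UDP (or the reverse), check the firewall rules between the two DNS servers before changing any DNS configuration.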
 
LVL 3

Author Closing Comment

by:Winsoup
ID: 40006895
It's all working now. Getting rid of those old records cleaned up the last of the issues I had.
Thank you all for the suggestions.
0


Question has a verified solution.
