Solved

DNS between two separate domains

Posted on 2014-04-16
7
572 Views
Last Modified: 2014-04-17
I have two separate domains right now that can ping each other by IP address but not by hostnames. Temporarily I need DNS to work for these two domains. How would I go about setting that up?
I tried creating new zones but I can't get the two to talk using hostnames.

One is a 2008 environment and the other is a 2003 environment.
0
Comment
Question by:Winsoup
7 Comments
 
LVL 10

Assisted Solution

by:Korbus
Korbus earned 150 total points
ID: 40004433
I'm NOT positive on this, lets see if other experts agree:  Configure the primary forwarders on each DNS server to reference the other.

I'm assuming these two DNS servers are on the same LAN.  If not please let us know, it may be firewall\routing\networking issues presenting comm.
0
 
LVL 35

Assisted Solution

by:Mahesh
Mahesh earned 150 total points
ID: 40004623
Try below

You may use GPO \ registry \ manual method to add DNS suffix search list of opposite domains in network card properties \ advanced \ DNS tab of required machines at both end

Note that 1st domain in the list must be client own domain followed by other \ opposite domain, other wise client own domain name resolution and authentication will break

GPO setting "DNS Suffix search list" can be found under
Computer configuration\administrative templates\Network\Dns Client

Note that domain names must be entered one by one separated by comma with 1st domain of client own (Very IMP) without inverted comma

This will enable you DNS name resolution for another domain host names as well
Client will query 1st its own domain for record, if not found it will search another domain in list and it will resolve it if found

Note that in order to find another domain, on both domain DNS servers you must specify conditional forwarder \ secondary zones for opposite side domain pointing to its domain controller

Also note that TCP port 53 must be opened between both side domain controllers bi-directional in order to make this work

Mahesh.
0
 
LVL 3

Author Comment

by:Winsoup
ID: 40004878
I'll try these suggestions and get back to you guys on how it goes.
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 25

Accepted Solution

by:
DrDave242 earned 200 total points
ID: 40005808
Conditional forwarders or stub zones are the preferred methods of providing DNS resolution between domains. They go about it in different ways, but from the client perspective, the results are the same: machines in one domain can resolve FQDNs in the other.

Let us know if you need assistance configuring either one.
0
 
LVL 3

Author Comment

by:Winsoup
ID: 40006514
When I ping the domain name that I am trying to reach I get back an IP address of their old mail server which is not in use anymore.
Also when I added their DC to our DNS server as a forwarder it says that it's not authoritative, but it is. Will just deleting the entry for the old mail server take care of this or is there a way to tell it what the authoritative server is?
0
 
LVL 25

Assisted Solution

by:DrDave242
DrDave242 earned 200 total points
ID: 40006778
I've seen the "not authoritative" thing before when adding a conditional forwarder, even though the server I was adding was indeed authoritative. In my case, name resolution still worked fine, so I think it's just a glitch.

When I ping the domain name that I am trying to reach I get back an IP address of their old mail server which is not in use anymore.
There's probably a blank host record with that IP address on their DNS server. If that server isn't in use anymore, the record should be deleted. Blank host records in an AD domain should only be used to designate domain controllers.
0
 
LVL 3

Author Closing Comment

by:Winsoup
ID: 40006895
It's all working now. Getting rid of those old records cleaned up the last of the issues I had.
Thank you all for the suggestions.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
I've written instructions for one router type, but this principle may be useful for others of the same brand and even other brands of router. Problem: I had an issue especially with mobile devices that refused to use DNS information supplied via…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now