LenCepeda
asked on
Domain Trust DNS Problems
Having some trouble with an external domain trust. The networking portion is functional as I am able to ping ip addresses in both directions but I cannot ping host names from one side of the trust but I can ping hostnames from the other.
Conditional forwarders are validated and FQDN resolved.
Two Way External
Not Transitive
Both sides are 2003 functional level
DomainA
ServerA
Server2003
DomainB
ServerB
Server2008
I am able to ping hostnames from DomainA (from any server) on DomainB however, I cannot ping hostnames on DomainA from DomainB. I can ping ip addresses/
This trust was functional at some point in the past but disabled - I don't think zone transfers/secordary servers were used but and I swear I was able to ping hostnames in both directions just a few days ago.
Conditional forwarders are validated and FQDN resolved.
Two Way External
Not Transitive
Both sides are 2003 functional level
DomainA
ServerA
Server2003
DomainB
ServerB
Server2008
I am able to ping hostnames from DomainA (from any server) on DomainB however, I cannot ping hostnames on DomainA from DomainB. I can ping ip addresses/
This trust was functional at some point in the past but disabled - I don't think zone transfers/secordary servers were used but and I swear I was able to ping hostnames in both directions just a few days ago.
ASKER
That is correct - I should I wrote I am unable to ping FQDN of a system in DomainA from DomainB.
Yes, when I ping the FQDN it does resolve the correct ip address.
Thank you for you quick response.
Yes, when I ping the FQDN it does resolve the correct ip address.
Thank you for you quick response.
First, don't use ping to test DNS issues. Firewalls can easily block ICMP traffic and DNS as well as other traffic can work just fine. Not only is a failed ping a bad test for DNS, it may not even indicate a problem.
Use nslookup.
Use nslookup.
As a test try disabling IPv6 if it is enabled (assuming your not using anything that is reliant on IPv6).
ASKER
Cliff I attempted nslookup and it wasn't able to find the other domain:
****domainB can't find server: non-existent domain
Justing,
I disabled IPv6 on serverB- no change
****domainB can't find server: non-existent domain
Justing,
I disabled IPv6 on serverB- no change
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Can you clarify what you mean by
If you in fact cannot resolve DomainA from DomainB then you will need to follow Cliff's suggestions.
Conditional forwarders are validated and FQDN resolved.and how you validated those items if you say now you can't resolve DNS of DomainA from DomainB.
If you in fact cannot resolve DomainA from DomainB then you will need to follow Cliff's suggestions.
ASKER
Alright - I deleted the conditional forwarded and recreated it and poof it worked!!!!
When you perform the ping, does it resolve to the correct IP Address of the destination system?