troubleshooting Question

DNS Name resolution between two untrusted forests

Avatar of Aamer-
Aamer- asked on
DNSActive Directory
21 Comments1 Solution732 ViewsLast Modified:
I am installing SCCM in two untrusted forests as part of a single sccm site. I have two forests one with internet connectivity (forest A) and the second without internet connectivity (Forest B)

sccm components installed in both forests use certificated and ad user accounts for communication and authentication.

to resolve names between two forests I can create conditional forwarders. but for security reasons I don't have an issue to create a conditional forwarder from Forest B to Forest A. but I do not want to create conditional forwarder from forest A which has internet connectivity to Forest B. but still be able to reach domain controlllers and sccm servers in the other forest.

without creating conditional forwarding is there a way to resolve names of only specific coomputers in the other forest. I don't want users in the forest that have internet access to resolve names of all servers in forest B. I need this only for a few servers.
Craig Beck
Network Architect and EE TA
Join our community to see this answer!
Unlock 1 Answer and 21 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 21 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros