troubleshooting Question

Adding an Active Directory trust

Avatar of Ralph Scharping
Ralph ScharpingFlag for Germany asked on
Active DirectoryWindows 10AzureWindows Server 2016
18 Comments1 Solution96 ViewsLast Modified:

I'm trying to create a two-way domain trust between two ad domains.  The two networks are linked via VPN.  Firewall is open.  
Each domain has two DCs.  One has 2008 R2 + 2016 with domain and forrest functional level at 2008 R2.
The other has 2x 2016 with domain and forrest functional level also at 2008 R2.

I have added DNS domains in reciprocal DNS first as a secondary domain, then as a conditional forwarding domain.  I added both forward and reverse lookup.  NSlookup-queries are answered fine.  nslookup -q=ns domain2.local produces the expected results.

When I try to add the trust, message sais that the domain could not be found.  This happens in command line and in the wizard on both ends the same way.  There are no relevant events in event log.

One of the two domains (the one with the 2008R2+2016 DC) already has a trust to another domain in place.  I added that trust back in 2016 and it was a very simple process that succeded on the first try.

What am I missing?

Join our community to see this answer!
Unlock 1 Answer and 18 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 18 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros