Re: Trust Relationship Between 2 Domains

Hi Don

I had a look at the support article but unfortunately this is for a
different type of problem. still unsure what to do?

Shall I configure the DNS servers as Secondary Servers or leave them as
Primary?

"Don Wilwol" wrote:

Here you go.
http://support.microsoft.com/kb/319504/en-us
--
--------
Hope It Helps!

dw
_______________________________
Don Wilwol
Distributed Application Technologies.
dwilwol(DELETE)@datbusiness.com
www.AtTheDataCenter.com (personal website)
www.skysphere.com (hosting available)
"Barazi Fuente" <BaraziFuente@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:515E0B76-B1C1-44E8-9A89-31FF8FE86D90@xxxxxxxxxxxxxxxx
Hi Don

Thank you for your email. All the Forward lookup zones Replication Scope
is
set to "All DNS servers in the Active Directory forest" except the
Forward
Lookup Zone of DOMAIN B which is set to "All DNS Servers in the Active
Directory Domain" when I try to change the Replication Scope to "All DNS
servers in the Active Directory forest" I get the error message: "The
replication scope could not be set. The error was: The name limit for the
local computer network adapter card was exceeded."

Could you please tell me why I am getting this error message or can you
suggest on a solution?

Thank you

"Don Wilwol" wrote:

Open DNS, right click the forward lookup zones. You may have several.
They
will look like your domain names and some will start with _msdcs.
Right click and go to properties. You should see AD integrated in the
general tab. Under replication, (still on the general tab) make sure "All
DNS servers in the Active Directory forest" is there. If not, click the
change button and make it so it is.

--
----------
Hope It Helps!

dw
_______________________________
Don Wilwol
Distributed Application Technologies.
dwilwol(DELETE)@datbusiness.com
www.AtTheDataCenter.com
www.skysphere.com
www.skyphere.com

"Barazi Fuente" <BaraziFuente@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:A8889D93-F4EF-4ABD-807B-71804B2B4A1A@xxxxxxxxxxxxxxxx
Hi Don

Could you please tell me how I would do this?

Would I make this change in Domain A or Domain B?

Are you talking about the Dynamic Updates, in DNS or Replication scope?
or
something else?

Thanks

Barazi

"Don Wilwol" wrote:

I would temporarily open up the security. Allow updates to all IPs. Do
this
directly on the forward lookup zones and for now make them all go to
all
servers.


--
----------
Hope It Helps!

dw
_______________________________
Don Wilwol
Distributed Application Technologies.
dwilwol(DELETE)@datbusiness.com
www.AtTheDataCenter.com
www.skysphere.com
www.skyphere.com

"Barazi Fuente" <BaraziFuente@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:CCF9F655-2FF7-4EC1-8846-97FE3EAACBF4@xxxxxxxxxxxxxxxx
Hi Don

My apologies the DNS servers are Domain Controllers. Any other
suggestions??

"Don Wilwol" wrote:

You make the statement
"- The Name Servers displays all DC's and DNS servers in Domain A &
Domain
B."

If your using Active Directory Integrated zones, they will only
replicate
to
Domain Controllers. Make sure all your DCs are also DNS servers. If
you
have
DNS servers that are not DCs, then your going to have to go with
something
other than AD integrated zones.


--
--------
Hope It Helps!

dw
_______________________________
Don Wilwol
Distributed Application Technologies.
dwilwol(DELETE)@datbusiness.com
www.AtTheDataCenter.com (personal website)
www.skysphere.com (hosting available)
"Barazi Fuente" <BaraziFuente@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:DBABEB92-1C41-4EF4-9CB0-8F0C8A0B970B@xxxxxxxxxxxxxxxx
Hi Don

Thank you for your reply. I have setup 2 AD integrated zones
Primary
zones
for Domain A and Domain B.

Browsing DNS Server From Domain A In Domain A:
- The Forward Lookup zones for the DC in domain A has the
replication
scope
set to All DNS servers in the AD Forest.

- Dynamic Updates is set to SECURE ONLY.

- The Name Servers displays all DC's and DNS servers in Domain A
&
Domain
B.

- The Zone Transfers are set to ONLY TO SERVERS LISTED ON THE
NAME
SERVERS
TAB.

- WINS Forward Lookup is Unticked.

Browsing DNS Server From Domain B In Domain A:
- The Forward Lookup zones for the Domain B DC in domain A has
the
replication scope set to All DNS servers in the AD Doman. (Cannot
Change
Replication scope to Forest, I get the error message: The
replication
scope
could not be set. The error was: The name limit for the local
computer
network adapter card was exceeded.)

- Dynamic Updates is set to SECURE ONLY.

- The Name Servers displays all DC's and DNS servers in Domain A
&
Domain
B.

- The Zone Transfers are set to ONLY TO SERVERS LISTED ON THE
NAME
SERVERS
TAB.

- WINS Forward Lookup is Unticked.

The problem I find is that I only see the DC's appearing in the
DNS
zone
from Domain B in Domain A. No other workstations appear in the
DNS
zone.

However in Domain B I see all the records of the DNS zones in
Domain
A
&
Domain B without any problems. I have no access problems from
Domain B
to
Domain A.

I hope this helps, any suggestions I am truly stuck....


"Don Wilwol" wrote:

How is your DNS set up. Does everything point to the same
primary
and
secondary DNS servers. If your zones are not getting replicated,
you
can't
find the resources and the trust won't work. You can also try to
manually
create a secondary zone in Domain B.

--
--------
Hope It Helps!

dw
_______________________________
Don Wilwol
Distributed Application Technologies.
dwilwol(DELETE)@datbusiness.com
www.AtTheDataCenter.com (personal website)
www.skysphere.com (hosting available)
"Barazi Fuente" <BaraziFuente@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote
in
message
news:76B59798-F5AC-4276-9A88-95E5AD2783FD@xxxxxxxxxxxxxxxx
Hi Vincent

Thank you for your reply, but I have already tried to reset
the
account
and
this has not worked. Isn't there another way as by resetting
the
account I
will need to rejoin the PC to the domain. How can I achieve
this
on
the
Domain controllers?

Thank you Imran

"Vincent Xu [MSFT]" wrote:

Hi,

Actually, I suggest you to reset computer account.

320187 HOW TO: Manage Computer Accounts in Active Directory
in
Windows
2000
http://support.microsoft.com/default.aspx?scid=kb;EN-US;320187


Best regards,

Vincent Xu
Microsoft Online Partner Support

======================================================

Get Secure! - www.microsoft.com/security
======================================================
When responding to posts, please "Reply to Group" via your
newsreader
so
that others
may learn and benefit from this issue.
======================================================
This posting is provided "AS IS" with no warranties,and
confers
no
rights.
======================================================



--------------------
Thread-Topic: Trust Relationship Between 2 Domains
thread-index: AcZ00yQ6Z9ZuhuDNTkSIrmTrBOYw3Q==
X-WBNR-Posting-Host: 217.158.191.82
From: =?Utf-8?B?QmFyYXppIEZ1ZW50ZQ==?=
<BaraziFuente@xxxxxxxxxxxxxxxxxxxxxxxxx>
References:
<D9CC0B92-3132-4637-8FAD-E22D30CA1E03@xxxxxxxxxxxxx>
<WTdSqrKdGHA.5024@xxxxxxxxxxxxxxxxxxxxx>
Subject: RE: Trust Relationship Between 2 Domains
Date: Thu, 11 May 2006 01:16:02 -0700
Lines: 153
Message-ID:
<EAB52A09-1480-4478-9B39-E783AF528F95@xxxxxxxxxxxxx>
MIME-Version: 1.0
.

Loading