Re: Trust Relationship Between 2 Domains

Hi Don

All servers except 1 server appeared in the DNS zone of Domain B in Domain
A. I basically changed the DNS zone of Domain B in Domain A to a Secondary
Zone, whilst maintaining the Domain B zone in Domain B as Primary. This did
not work so I then removed the Domain B zone in Domain A as I could not
change the replication scope and then all of a sudden all the servers except
1 appeared in Domain A and the scope changed to "All DNS SERVERS IN THE
ACTIVE DIRECTORY FOREST" However in Domain B the same zone's replication
scope appears as "All DOMAIN CONTROLLERS IN THE AD DOMAIN" When I try to
change the scope I get the same error message as before.

Could this be correct? Howvere, I am still having problems with the
TRUSTING from Domain A To Domain B.

Thanks

"Don Wilwol" wrote:

leave them as primary.
Are they all AD integrated, and set to replicate to all servers in the
forest?
The problem is you have Domain B set to only replicate within its own
domain. That is preventing the replication from getting to Domain A. Make
sure this is set to replicate to Domain A.

--
----------
Hope It Helps!

dw
_______________________________
Don Wilwol
Distributed Application Technologies.
dwilwol(DELETE)@datbusiness.com
www.AtTheDataCenter.com
www.skysphere.com

"Barazi Fuente" <BaraziFuente@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:D72DA424-C0AA-4945-AAE8-209A70F28547@xxxxxxxxxxxxxxxx
Hi Don

I had a look at the support article but unfortunately this is for a
different type of problem. still unsure what to do?

Shall I configure the DNS servers as Secondary Servers or leave them as
Primary?

"Don Wilwol" wrote:

Here you go.
http://support.microsoft.com/kb/319504/en-us
--
--------
Hope It Helps!

dw
_______________________________
Don Wilwol
Distributed Application Technologies.
dwilwol(DELETE)@datbusiness.com
www.AtTheDataCenter.com (personal website)
www.skysphere.com (hosting available)
"Barazi Fuente" <BaraziFuente@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:515E0B76-B1C1-44E8-9A89-31FF8FE86D90@xxxxxxxxxxxxxxxx
Hi Don

Thank you for your email. All the Forward lookup zones Replication
Scope
is
set to "All DNS servers in the Active Directory forest" except the
Forward
Lookup Zone of DOMAIN B which is set to "All DNS Servers in the Active
Directory Domain" when I try to change the Replication Scope to "All
DNS
servers in the Active Directory forest" I get the error message: "The
replication scope could not be set. The error was: The name limit for
the
local computer network adapter card was exceeded."

Could you please tell me why I am getting this error message or can you
suggest on a solution?

Thank you

"Don Wilwol" wrote:

Open DNS, right click the forward lookup zones. You may have several.
They
will look like your domain names and some will start with _msdcs.
Right click and go to properties. You should see AD integrated in the
general tab. Under replication, (still on the general tab) make sure
"All
DNS servers in the Active Directory forest" is there. If not, click
the
change button and make it so it is.

--
----------
Hope It Helps!

dw
_______________________________
Don Wilwol
Distributed Application Technologies.
dwilwol(DELETE)@datbusiness.com
www.AtTheDataCenter.com
www.skysphere.com
www.skyphere.com

"Barazi Fuente" <BaraziFuente@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:A8889D93-F4EF-4ABD-807B-71804B2B4A1A@xxxxxxxxxxxxxxxx
Hi Don

Could you please tell me how I would do this?

Would I make this change in Domain A or Domain B?

Are you talking about the Dynamic Updates, in DNS or Replication
scope?
or
something else?

Thanks

Barazi

"Don Wilwol" wrote:

I would temporarily open up the security. Allow updates to all IPs.
Do
this
directly on the forward lookup zones and for now make them all go
to
all
servers.


--
----------
Hope It Helps!

dw
_______________________________
Don Wilwol
Distributed Application Technologies.
dwilwol(DELETE)@datbusiness.com
www.AtTheDataCenter.com
www.skysphere.com
www.skyphere.com

"Barazi Fuente" <BaraziFuente@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:CCF9F655-2FF7-4EC1-8846-97FE3EAACBF4@xxxxxxxxxxxxxxxx
Hi Don

My apologies the DNS servers are Domain Controllers. Any other
suggestions??

"Don Wilwol" wrote:

You make the statement
"- The Name Servers displays all DC's and DNS servers in Domain
A &
Domain
B."

If your using Active Directory Integrated zones, they will only
replicate
to
Domain Controllers. Make sure all your DCs are also DNS servers.
If
you
have
DNS servers that are not DCs, then your going to have to go with
something
other than AD integrated zones.


--
--------
Hope It Helps!

dw
_______________________________
Don Wilwol
Distributed Application Technologies.
dwilwol(DELETE)@datbusiness.com
www.AtTheDataCenter.com (personal website)
www.skysphere.com (hosting available)
"Barazi Fuente" <BaraziFuente@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote
in
message
news:DBABEB92-1C41-4EF4-9CB0-8F0C8A0B970B@xxxxxxxxxxxxxxxx
Hi Don

Thank you for your reply. I have setup 2 AD integrated zones
Primary
zones
for Domain A and Domain B.

Browsing DNS Server From Domain A In Domain A:
- The Forward Lookup zones for the DC in domain A has the
replication
scope
set to All DNS servers in the AD Forest.

- Dynamic Updates is set to SECURE ONLY.

- The Name Servers displays all DC's and DNS servers in Domain
A
&
Domain
B.

- The Zone Transfers are set to ONLY TO SERVERS LISTED ON THE
NAME
SERVERS
TAB.

- WINS Forward Lookup is Unticked.

Browsing DNS Server From Domain B In Domain A:
- The Forward Lookup zones for the Domain B DC in domain A has
the
replication scope set to All DNS servers in the AD Doman.
(Cannot
Change
Replication scope to Forest, I get the error message: The
replication
scope
could not be set. The error was: The name limit for the local
computer
network adapter card was exceeded.)

- Dynamic Updates is set to SECURE ONLY.

- The Name Servers displays all DC's and DNS servers in Domain
A
&
Domain
B.

- The Zone Transfers are set to ONLY TO SERVERS LISTED ON THE
NAME
SERVERS
TAB.

- WINS Forward Lookup is Unticked.

The problem I find is that I only see the DC's appearing in
the
DNS
zone
from Domain B in Domain A. No other workstations appear in the
DNS
zone.

However in Domain B I see all the records of the DNS zones in
Domain
A
&
Domain B without any problems. I have no access problems from
Domain B
to
Domain A.

I hope this helps, any suggestions I am truly stuck....


"Don Wilwol" wrote:

How is your DNS set up. Does everything point to the same
primary
and
secondary DNS servers. If your zones are not getting
replicated,
you
can't
find the resources and the trust won't work. You can also try
to
manually
create a secondary zone in Domain B.

--
--------
Hope It Helps!

dw
_______________________________
Don Wilwol
Distributed Application Technologies.
dwilwol(DELETE)@datbusiness.com
www.AtTheDataCenter.com (personal website)
www.skysphere.com (hosting available)
"Barazi Fuente" <BaraziFuente@xxxxxxxxxxxxxxxxxxxxxxxxx>
wrote
in
message
news:76B59798-F5AC-4276-9A88-95E5AD2783FD@xxxxxxxxxxxxxxxx
Hi Vincent

Thank you for your reply, but I have already tried to reset
the
account
and
this has not worked. Isn't there another way as by
resetting
the
account I
will need to rejoin the PC to the domain. How can I
achieve
this
on
the
Domain controllers?

Thank you Imran
.