Trust between Domains

[efector]

I want to create a trust between 2 domains on my network. The networks are able to communicate via router.

Network 1
Windows 2003 Domain
domain.com
10.10.100.0

Network 2
Windows 2000 Domain
domain.local
10.10.200.0

What do I configure so that theses domains trust each other and people are able to access resources on either network without issue?

Thanks

 

[mlichstein]

With 2000 and 2003 trusts, the easiest way to do this is with DNS.

Lets say your 2000 domain is called domaina.com and your 2003 domain is domainb.com. You will need to create secondary zones for each of these on the other domain.

For example, on domaina, create a secondary zone for domainb, and on domainb create a secondary zone for domaina. Make sure you enable zone transfers for each primary zone so that the secondaries populate.

Once the zones transfer, you will be able to set up the trust using AD domains and trusts.

 

[efector]

Do i create a primary zone? or do I create an active directory integrated zone?

Currently on each server, i only have an AD integrated zone.

 

[mlichstein]

You create a secondary zone.

 

[efector]

ok...this is gonna sound dumb.....on DomainA, i have 3 Dc's, which each are DNS servers having copies of the AD integrated zone. Do i create a secondary zone on each one? and point it to the DC/DNS server in DOMAIN B?

On DomainB, i only have ONE DC/DOMAIN controller, so does it matter which DNS server in domainA it points to for as a secondary?

 

[mlichstein]

In domain, you can create the secondary for domainb on all three DCs. That way if one goes down, it won't take the trust with it.

For your second question...When you set up a secondary zone it asks you for the name of the zone you want to transfer from, not the name of a DC.