I have 2 forrests - lets call them forrest1 and forrest2
I have 2 domain controllers - dc1 and dc2
In forrest1, I have dc1, which is a windows 2000 domain controller. It is the only server in the forrest. It is running in "mixed mode"
In forrest2, I have dc2, which is a windows 2003 domain controller. It is the only server in the forrest. It is running "windows 2000 mixed mode"
I wish to trust these 2 forrests using a 2 way transistive trust. In order to do so, I must have dns configured so that name resolution works across the forrests (ie I can ping a netbios name from dc1 to dc2 and resolve it to an IP)
OK, ive read loads of guides, and searched the knowledge base articles and to be honest, I am more confused now than I was to begin with!
Ok, so I have created a new zone on each DNS server.
On dc1, I have created a new forward lookup zone for dc2
On dc2, I have created a new forward lookup zone for dc1
(ive also created reverse lookup zones although I doubt theyre needed?)
On dc2 (the windows 2003 box) the DC1 secondary zone appears to be ok. I have also allowed zone transfers for its own zone to dc1.
On dc1 (the windows 2000 box) the dc2 zone has a yellow error, when I go to the event log it says that zone transfers are not allowed - please enable them
Ive enabled zone transfers on both secondary zones. Ive tried manually updated them via the GUI by "transfer from master"
So I have forward lookup zones created on both DC's - yet I am still unable to resolve any names over the network (ie dns isnt working!)
I know very little about DNS. So if any of you are able to give me some tips id be a happy man!
If you need any other info, let me know!
thanks
dave
I have 2 domain controllers - dc1 and dc2
In forrest1, I have dc1, which is a windows 2000 domain controller. It is the only server in the forrest. It is running in "mixed mode"
In forrest2, I have dc2, which is a windows 2003 domain controller. It is the only server in the forrest. It is running "windows 2000 mixed mode"
I wish to trust these 2 forrests using a 2 way transistive trust. In order to do so, I must have dns configured so that name resolution works across the forrests (ie I can ping a netbios name from dc1 to dc2 and resolve it to an IP)
OK, ive read loads of guides, and searched the knowledge base articles and to be honest, I am more confused now than I was to begin with!
Ok, so I have created a new zone on each DNS server.
On dc1, I have created a new forward lookup zone for dc2
On dc2, I have created a new forward lookup zone for dc1
(ive also created reverse lookup zones although I doubt theyre needed?)
On dc2 (the windows 2003 box) the DC1 secondary zone appears to be ok. I have also allowed zone transfers for its own zone to dc1.
On dc1 (the windows 2000 box) the dc2 zone has a yellow error, when I go to the event log it says that zone transfers are not allowed - please enable them
Ive enabled zone transfers on both secondary zones. Ive tried manually updated them via the GUI by "transfer from master"
So I have forward lookup zones created on both DC's - yet I am still unable to resolve any names over the network (ie dns isnt working!)
I know very little about DNS. So if any of you are able to give me some tips id be a happy man!
If you need any other info, let me know!
thanks
dave
