How trusts work in Windows 2000

G

Guest

Hi
I'm trying (without much success!) to establish a trust between two domains.
I can ping the other domain but when I try to add it as a trusting domain I
get an error to say that it can't be contacted. Is this a DNS or WINS or
someother problem ?? I can ping the domain by name so I think that DNS is set
up to resolve the ip address correctly. Is it a requirement that domains have
to belong to the same forest to establish a trust relationship ??

Thanks for you help
 
K

Kurt

Is it a requirement that domains have
to belong to the same forest to establish a trust relationship ??
Click to expand...

No. External trusts can be established between domains in different forests.
You'll need to create in each domain a standard secondary zone for the other
domain. And Always refer to the other domain using it's fqdn. You say you
can ping the other domain by name? Can you ping hosts by fqdn?

....kurt
 
G

Guest

Thanks for the reply, Kurt

I've added a secondary zone on my domain but got an error: "Zone not loaded
by DNS server. The DNS server encountered an error while attempting to load
the zone. The transfer of zone data from the master server failed". Is that
because the secondary zone isn't set up on the other domain ??

Although I can ping hosts using fqdn within the DNS zone, I can't ping the
domain itself by name. Is that a problem ??

Thanks for your help.

Gary
 
K

Kurt

Have you enabled zone transfers and added the server in the other domain to
the list of servers that are allowed to transfer the zone?

Not having a secondary in the other domain won't have any bearing on whether
the secondary in this domain can get a zone transfer.

You should be able to ping (or nslookup) the domain by fqdn. That is how
Windows looks for the SRV for services like netlogon, LDAP, etc. required to
create a trust. To create a 2-way trust, you'll need resolution in both
directions - so get it going one way first, then do the same thing on the
other side.

....kurt
 
G

Guest

Thanks Kurt

I think that we may have some other network security issues which are
preventing me from achieving this trust set-up. I'm still trying to work my
way through it !
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

trusts 1
Trusts 1
trust relationship with w2k and NT 1
Multi forest and Citrix farm 1
Problem enabling trust relationship 1
Trust Relationships 3
Windows 2000 WINS Server 4
tips - trust between 2008 and 2003 domains 1

Top