Two locations with two internal DNS servers - AD how ?

Guest

Hi,
We have two locations, A and B.

Location A
Already set up with DNS, AD and they have their own domain and forest.
The DNS is just set up internally and there is a forwarder entry to the ISP.
The firewall blocks incoming traffic except for some services that have been
mapped to internal machines.
(also made port mappings in the firewall for port 53 DNS and 389 LDAP to
establish contact from location B to location A)

Location B
Making a new server.
This server should be a part of the forest of location A, but have its own
domain and domain tree.
On this server I made a forwarder in the DNS server to the external
IP address of the DNS server in domain A.

The problem:
When running the Active Directory wizard I come to the point where I have to
fill in the credentials to log on to location A.
I am absolutely sure the username and password of the administrator account
from location A are correct.
However, after pressing Next, I get the error: "The Domain
"locationA.company" is not an Active Directory domain, or an Active Directory
domain controller for the domain could not be contacted."
I am positive that the domain is an Active Directory domain, so the problem
must be contacting the other domain (DNS server)?
Do I need to open up specific ports on the firewall of domain A to be able
to make contact?

Please help.
 
Kevin D. Goodknecht Sr. [MVP]

In
Virtuality said:
Hi,
We have two locations, A and B.

Location A
Already set up with DNS, AD and they have their own
domain and forest.
The DNS is just set up internally and there is a forwarder
entry to the ISP. The firewall blocks incoming traffic
except for some services that have been mapped to
internal machines. (also made port mappings in the
firewall for port 53 DNS and 389 LDAP to establish
contact from location B to location A)

Location B
Making a new server.
This server should be a part of the forest of location A,
but have its own domain and domain tree.
On this server I made a forwarder in the DNS server to
the external IP address of the DNS server in domain A.

The problem:
When running the Active Directory wizard I come to the
point where I have to fill in the credentials to log on to
location A.
I am absolutely sure the username and password of the
administrator account from location A are correct.
However, after pressing Next, I get the error: "The Domain
"locationA.company" is not an Active Directory domain, or
an Active Directory domain controller for the domain
could not be contacted."
I am positive that the domain is an Active Directory
domain, so the problem must be contacting the other
domain (DNS server)?
Do I need to open up specific ports on the firewall of
domain A to be able to make contact?

Instead of opening ports that will turn your firewall into Swiss cheese, set
up a VPN connection between these two networks.
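
A read-only check to run on the new server at location B, before and after the VPN is up, to see whether a domain controller for the forest can be found and reached; it is an added example, not part of the thread. It assumes a Windows version that ships `Resolve-DnsName` and `Test-NetConnection`, the DNS server address is a constructed placeholder, and the port list is the commonly documented TCP set for domain controller traffic rather than anything stated in the posts.

```powershell
# Added example: diagnose "domain controller could not be contacted" from location B.
param(
    [string]$Domain    = 'locationA.company',  # domain name from the thread
    [string]$DnsServer = '192.0.2.10'          # constructed placeholder for location A's DNS
)

# TCP ports checked: DNS, Kerberos, RPC endpoint mapper, LDAP, SMB, Global Catalog.
# The thread mapped only 53 and 389. UDP and the dynamic RPC range are not tested here.
$Ports = 53, 88, 135, 389, 445, 3268

# Step 1: the wizard finds a domain controller through this SRV record, so a
# forwarder that cannot answer it fails before any credentials are checked.
$srvName = "_ldap._tcp.dc._msdcs.$Domain"
try {
    $srv = Resolve-DnsName -Name $srvName -Type SRV -Server $DnsServer -ErrorAction Stop |
           Where-Object { $_.Type -eq 'SRV' }
} catch {
    Write-Warning "No SRV answer for $srvName from ${DnsServer}: $($_.Exception.Message)"
    return
}
if (-not $srv) { Write-Warning "$srvName returned no SRV records"; return }

# Step 2: resolve each advertised controller and test every port against it.
foreach ($rec in $srv) {
    $addrs = Resolve-DnsName -Name $rec.NameTarget -Type A -Server $DnsServer -ErrorAction SilentlyContinue |
             Where-Object { $_.Type -eq 'A' } | ForEach-Object { $_.IPAddress }
    if (-not $addrs) { Write-Warning "No A record for $($rec.NameTarget)"; continue }

    foreach ($ip in $addrs) {
        # An RFC 1918 address here means internal DNS handed out the controller's
        # LAN address: a port mapping on the public IP never receives that traffic,
        # while a routed VPN between the sites does.
        $private = $ip -match '^(10\.|192\.168\.|172\.(1[6-9]|2\d|3[01])\.)'
        foreach ($port in $Ports) {
            $t = Test-NetConnection -ComputerName $ip -Port $port -WarningAction SilentlyContinue
            [pscustomobject]@{
                DomainController = $rec.NameTarget
                Address          = $ip
                PrivateAddress   = $private
                Port             = $port
                Reachable        = $t.TcpTestSucceeded
            }
        }
    }
}
```

Rows with `PrivateAddress` true and `Reachable` false before the tunnel exists show why forwarding two ports was not enough; the same rows should turn reachable once the VPN routes between the sites.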
 
