AD DNS problem with 2 Domains

By njwirehead

I have 2 Windows 2000 AD domains, domain1.com and domain2.com, running on the same IP subnet. The domains are set up in a trust. Both domains use AD-integrated DNS that's hosted on servers in the domain1.com domain.

Zone transfers are enabled for servers listed on the name servers tab. Secure updates are enabled. All DNS records function and replicate to DNS servers in domain1.com (this includes all records for the domain2.com zone.)

I'm now setting up a new subnet at a remote site that will extend the domain2.com domain.

IP routing is functioning between the sites, and there are no FW policies in place that block traffic between the subnets.
I've also set up a new site & subnet in AD Sites & Svcs.

Only domain2.com will be set up at the new site, so I've set up an additional DC for domain2.com on the remote subnet, listing the domain1.com IP address as the primary client DNS server before running DCPromo. DNS server was also installed on the new DC but not configured before running DCPromo.

After running DCPromo and rebooting, all seems well with the exception of DNS.

When I open the DNS snap-in I see the zones for domain1.com and domain2.com, but none of the records have replicated from the domain1.com DNS servers. Only the name server and host records for the domain controllers are listed.

Dcdiag gives me no errors. There are no errors in the event log.

Repadmin /showreps shows successful attempts for inbound domain2.com neighbors, and displays nothing under outbound neighbors.

Could this be some kind of permission problem between the DNS servers on domain1.com and the domain/DNS servers in domain2.com?

For kicks, I tried setting up AD integrated DNS on one of the other domain2.com servers on the primary subnet, and I get the *same* result.

When I set up an additional domain1.com DC with DNS on the new subnet, everything works perfectly.

This definitely has something to do with the fact that the DNS server is running on the domain2.com DC.

Are there permissions that I can set on the domain1.com DC to make this work, or is the setup just wrong? Should I set up a standard secondary DNS in the new subnet instead of AD integrated?

Thanks for any help!
