Question

Locked

DNS Zone Transfer problems

By avi ·
Ok, here is the situation. It is a little complicated.

I was not the person who set up our company's network. We have two offices in two different parts of the country. One, lets call office1 is running a W2K server which is functioning as a DNS server, a Domain Controller, a file server, and a database server (filemaker, blech). Its domain is berkeley.companyname.com (company used to be located in Berkeley, CA). There is nothing with the domain companyname.com. In the DNS console for the DNS server at office1, besides the Nameservers, there is only the folder (subdomain) of berkeley. To add more complication companyname.com is the address of our website and so is actually an external IP address. Office 1 has about 20 users and also serves as a VPN for all users in the company (Cisco 1841).

The second office, lets call it office2, is running a windows 2003 server running DNS server, is its own domain controller, and a file server. Office 2's domain controller is actually running its own domain (I know, stupid, but that is the way it was setup before i got there). its domain is companynamevarient.local. Because it is its own domain controller running its own domain, it also has its own active directory users, etc etc. There are 3 users at this office. The sites are site-to-site VPN'd to each other.

From a IT management standpoint this is a nightmare. People change their login and password for the office2 domain and nothing happens at office1. everyone has to remember 2x the number of passwords, and I (not IT full time, but am also an employee in other functions) have way more work than is needed.

So, it has been suggested to me that I either create a trust between the two domains or to promote the second domain to be a child domain of the first. In either case, the first step seems to be adding Secondary DNS zones of the other office into each DNS server. This worked fine for getting Office2's DNS entries to be a secondary zone on Office1's dns server. I am having trouble, however, getting office1 into office2's dns as a secondary (or stub) zone. I get a zone not loaded by dns server. I have added the nameserver for office1 into office2's nameservers, i have allowed zone transfers for all servers listed in the nameservers.

When using nslookup from office2, it tells me that it cannot see server1.berkeley.companyname.com (the address of the dns server) as a domain. Nor can it see berkeley.companyname.com as a domain. companyname.com comes up with the ip address of our external web server. I can, however, ping the ip address of server1.berkeley.companyname.com [more info, if helpful, each domain is on a different subnet. office 1 is 192.168.10.x and office2 is 192.168.1.x]. I don't know enough to know which is causing which problem; if the fact that office1 isn't listed in office2's dns means it can't do an nslookup or if they are both indicative of a separate problem.

I realize our office IT setup is not ideal, nor does it really make any sense whatsoever. Any suggestions about how to reorganize would be helpful, but for now I would like to start by getting a trust to work. how do I get office2 to see office1's domain and add it as a secondary zone in DNS?

This conversation is currently closed to new comments.

2 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Share your knowledge
Back to Networks Forum
2 total posts (Page 1 of 1)  

Related Discussions

Related Forums