Question
Thread display: Collapse - |
All Answers
Share your knowledge
Start or search
Create a new discussion
If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.
Question about forest trust and DNS for Windows Server 2003
After reading a few books and the article by Brien M. Posey about designing Active Directory namespaces (http://articles.techrepublic.com.com/5100-6345_11-5098072.html), I am a little confused about the establishment of the one-way forest trust.
Assuming there are two AD forests named abc.com and abc.local, where the .com is the external and .local is for internal. To my understanding, a one-way trust can only be established when both external and internal DNS servers hold information about one another. I have no problem with the idea of setting up a secondary zone of abc.com in the internal DNS server, but when adding a secondary zone of abc.local to the external DNS server wouldn't it become a potential security problem? Or is there another way to setup this one-way trust?
Any clarification would be greatly appreciated!