Question about forest trust and DNS for Windows Server 2003

By tkwhuang

As a newbie to Windows Server 2003, I am hoping someone could help me clarify the following issue.

After reading a few books and the article by Brien M. Posey about designing Active Directory namespaces (, I am a little confused about the establishment of the one-way forest trust.

Assuming there are two AD forests named and abc.local, where the .com is the external and .local is for internal. To my understanding, a one-way trust can only be established when both external and internal DNS servers hold information about one another. I have no problem with the idea of setting up a secondary zone of in the internal DNS server, but when adding a secondary zone of abc.local to the external DNS server, wouldn't it become a potential security problem? Or is there another way to set up this one-way trust?

Any clarification would be greatly appreciated!

This conversation is currently closed to new comments.
