Question : DNS Zones query

Hi All

I am just trying to learn about DNS in AD 2008, and have built a couple of VMs in my test lab. Both are in different forests as I also want to play around with Domains and Trusts.

First machine:

TESTDC1.com in the TEST.com domain.

Second machine:

EXTERNALDC1.com in the EXTERNAL.com domain

I have installed DNS on both servers.

What I want to do is create a folder on TESTDC1 and give permissions to some EXTERNAL users to access it, which will require a trust between the two domains (I will go for an external trust, not a forest trust).

Questions:

1) I need both domains to be able to resolve DNS queries for each other's namespace. Would I be correct in saying that I could either create two stub zones on each different DNS server, or two conditional forwarders?

2) When I try to create a conditional forwarder on EXTERNALDC1.com for TESTDC domain, I get a message saying that TESTDC1.com is not authoritative for the TESTDC DNS domain. What does this actually mean, and how can I fix this?

3) If I want EXTERNAL users to access the folder on TESTDC1, would I be correct in saying that I need to create a one way, outgoing trust from TEST.com to EXTERNAL.com, and that TEST.com will be the trusting domain, and EXTERNAL.com would be the trusted domain?

4) I understand that FORWARD Lookup zones are hostnames to IP, and REVERSE lookup zones are IP to hostnames, but does this mean that for every external DNS domain, we need a zone configured? Or can it be set that if there is no information in Active Directory to forward the request to an ISP DNS server? How would I set this up?

5) What's the difference between setting up a CONDITIONAL FORWARDER to resolve DNS queries relating to the other domain, or a new FORWARD LOOKUP ZONE (and should I also create a REVERSE LOOKUP ZONE)?

Answer : DNS Zones query

First change the DNS suffix of TESTDC1 so its FQDN is TESTDC1.TEST.com instead of TESTDC1.com.

1. Both stub zones and conditional forwarders shall work.
2. Check the SOA of the DNS zone TEST.com. It is a little confusing that in this part of the question you mention the TESTDC domain, whereas earlier you called it TEST.com.
3. Yes, a one way trust where TEST.com trusts EXTERNAL.com will allow users from the EXTERNAL domain to access resources in the TEST domain.
4. Use the Forwarders tab in the DNS server properties, and configure that 'All other domains' shall be forwarded to the ISP's DNS server. When using conditional forwarding, you add each domain that shall be forwarded to DNS servers other than those used for 'all other domains'.
5. Conditional forwarding will forward DNS queries for the specified domain to another DNS server, whereas a new zone will be hosted on the local DNS server, which handles the queries itself instead of forwarding them to the remote DNS server.
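
The steps from answers 1, 2 and 4, shown as an added command-line example that is not part of the original answer. It assumes the built-in `dnscmd` and `nslookup` tools on the DNS server; the three IP addresses are constructed placeholders from documentation ranges and must be replaced with the lab's real addresses.

```powershell
# Constructed placeholder addresses (not from the original thread).
$TestDnsIp     = '192.0.2.10'     # assumed IP of the DNS server on TESTDC1 (test.com)
$ExternalDnsIp = '198.51.100.10'  # assumed IP of the DNS server on EXTERNALDC1 (external.com)
$IspDnsIp      = '203.0.113.53'   # assumed IP of the ISP resolver for 'All other domains'

# ---------- Run on EXTERNALDC1 ----------

# Answer 2: before adding the forwarder, ask the target server directly for the
# SOA record of test.com. If no SOA comes back, that server does not host the
# zone and the wizard will report it as not authoritative.
nslookup '-type=SOA' test.com $TestDnsIp

# Answers 1 and 5: conditional forwarder. Queries for test.com are sent to
# TESTDC1; no zone data for test.com is stored on this server.
dnscmd /ZoneAdd test.com /Forwarder $TestDnsIp

# Alternative from answer 1: a stub zone, which keeps a local copy of the
# SOA, NS and glue A records for test.com. Use one or the other, not both.
# dnscmd /ZoneAdd test.com /Stub $TestDnsIp

# Answer 4: default forwarder. Anything that is neither a local zone nor a
# conditional forwarder goes to the ISP resolver.
dnscmd /ResetForwarders $IspDnsIp

# Verify: show the forwarder zone, then resolve the domain controller locator
# record that the trust wizard needs to find a DC in test.com.
dnscmd /ZoneInfo test.com
nslookup '-type=SRV' _ldap._tcp.dc._msdcs.test.com

# ---------- Run on TESTDC1 (mirror image) ----------
# nslookup '-type=SOA' external.com $ExternalDnsIp
# dnscmd /ZoneAdd external.com /Forwarder $ExternalDnsIp
# dnscmd /ResetForwarders $IspDnsIp
# nslookup '-type=SRV' _ldap._tcp.dc._msdcs.external.com
```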