Question : DNS zones and Active Directory Trust


I have 2 domains that are in separate forests.
Domain1.com and Domain2.com

In Domain1.com I have a DNS zone Domain1.com, which is also our Active Directory domain name. We have 2 DCs on this domain.

In Domain2.com, I have a DNS zone named Domain2.com, which is also the Active Directory domain name, but there is another DNS zone, a primary zone, that unfortunately has the same name as Domain1.com.
In Domain2.com the primary zone is in DC1 and the secondary zone is in DC2.


Now when I try to make a two-way trust from Domain1.com, the trust gets created with no sign of failure, but it seems like it works in just one way. For instance, from Domain1.com I can add users from Domain2.com to shares and give them permissions; in other words, you can search and find users from domain2.com (ex: userX.domain.com) while you are in domain1.com.

On the other side, if I go to domain2.com and try to add a user from domain1.com to a share, it opens the find window and I can see Domain1.com, but it doesn't show any user account from Domain1.com.

What I was blaming is the DNS zone in Domain2.com that has the name Domain1.com; I thought maybe this messes up the DNS lookup for users in AD at domain1.com.

Could this be correct?



Answer : DNS zones and Active Directory Trust

I'm afraid I'm not sure you can avoid that. You could increase the default TTL on the zone so any cached records last longer on clients, but that still wouldn't compensate for new queries from clients with no cache.

I would recommend doing this at the quietest possible time, on a weekend?
