I've been troubleshooting an issue with name resolution between two separate Active Directory forests (trying to get an SCCM 2012 client assigned to a site, but I need to resolve this DNS issue first). There is a two-way trust set up, but something changed which is preventing a successful trust validation/nslookup/ping of the domain name.
Here's some context and more detailed info:
Forest/Domain A (a.local), Domain Controller A (DNS installed)
- Conditional forwarder zone setup for "b.local" in DNS
- can successfully ping b.local
- can successfully NSLOOKUP b.local
- DCA has two virtual NICs (private/backup)
- Communication between other forests\domains works fine
Forest/Domain B (b.local), Domain Controller B (DNS installed)
- Conditional forwarder zone setup for A.local
- Can NOT ping a.local
- Can NOT NSLOOKUP a.local (2 second timeout message)
- CAN ping backup IP address of domain controller (DCA) in a.local
- DCB has two virtual NICs (private/backup)
I have tried several ipconfig /flushdns, ipconfig /showdns, disabling/re-enabling the virtual NICs and switching around of DNS IPs on the NICs, etc., but I can't nail down the problem. It almost seems like network requests for "a.local" are never forwarded to the DCA server.
I probably should install and run a network trace, but I don't have much experience with those apps. Does anything come to mind from the information I've provided? I would really appreciate any troubleshooting ideas/advice as I'm new to DNS, especially with multiple network interfaces/AD domains/etc.