I've been troubleshooting an issue with Name resolution between two separate active directory forests (trying to get a SCCM 2012 client assigned to a site, but I need to resolve this DNS issue first). There is a two-way trust setup, but something changed which is preventing a successful trust validation\nslookup\ping domain name.
Here's some context and more detailed info: Forest/Domain A (a.local), Domain Controller A (DNS installed)
- Conditional forwarder zone setup for "b.local" in DNS
- can successfully ping b.local
- can successfully NSLOOKUP b.local
- DCA has two virtual NICs (private/backup)
- Communication between other forests\domains works fine
Forest/Domain B (b.local), Domain Controller B (DNS installed)
- Conditional forwarder zone setup for A.local
- Can NOT ping a.local
- Can NOT NSLOOKUP a.local (2 second timeout message)
- CAN ping backup IP address of domain controller (DCA) in a.local
- DCB has two virtual NICs (private/backup)
I have tried several ipconfig /flushdns, ipconfig /showdns, disabling/re-enabling the virtual nics and switching around of DNS IPs on the NICs, etc but i can't nail down the problem. It almost seems like network requests for "a.local" are never forwarded to the DCA server.
I probably should install and run a network trace, but I don't have much experience with those apps. Anything come to mind by the information I've provided? I would really appreciate any troubleshooting ideas/advice as I'm new to DNS, especially with multiple network interfaces/ AD domains/etc..
We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.
Odd DNS Name resolution Issue, out of ideas
in Active Directory
Posted
Hello All,
I've been troubleshooting an issue with Name resolution between two separate active directory forests (trying to get a SCCM 2012 client assigned to a site, but I need to resolve this DNS issue first). There is a two-way trust setup, but something changed which is preventing a successful trust validation\nslookup\ping domain name.
Here's some context and more detailed info:
Forest/Domain A (a.local), Domain Controller A (DNS installed)
- Conditional forwarder zone setup for "b.local" in DNS
- can successfully ping b.local
- can successfully NSLOOKUP b.local
- DCA has two virtual NICs (private/backup)
- Communication between other forests\domains works fine
Forest/Domain B (b.local), Domain Controller B (DNS installed)
- Conditional forwarder zone setup for A.local
- Can NOT ping a.local
- Can NOT NSLOOKUP a.local (2 second timeout message)
- CAN ping backup IP address of domain controller (DCA) in a.local
- DCB has two virtual NICs (private/backup)
I have tried several ipconfig /flushdns, ipconfig /showdns, disabling/re-enabling the virtual nics and switching around of DNS IPs on the NICs, etc but i can't nail down the problem. It almost seems like network requests for "a.local" are never forwarded to the DCA server.
I probably should install and run a network trace, but I don't have much experience with those apps. Anything come to mind by the information I've provided? I would really appreciate any troubleshooting ideas/advice as I'm new to DNS, especially with multiple network interfaces/ AD domains/etc..