Odd DNS Name resolution Issue, out of ideas


Hello All,


I've been troubleshooting an issue with Name resolution between two separate active directory forests (trying to get a SCCM 2012 client assigned to a site, but I need to resolve this DNS issue first). There is a two-way trust setup, but something changed which is preventing a successful trust validation\nslookup\ping domain name.


Here's some context and more detailed info:
Forest/Domain A (a.local), Domain Controller A (DNS installed)

- Conditional forwarder zone setup for "b.local" in DNS

- can successfully ping b.local

- can successfully NSLOOKUP b.local

- DCA has two virtual NICs (private/backup)

- Communication between other forests\domains works fine


Forest/Domain B (b.local), Domain Controller B (DNS installed)

- Conditional forwarder zone setup for A.local

- Can NOT ping a.local

- Can NOT NSLOOKUP a.local (2 second timeout message)

- CAN ping backup IP address of domain controller (DCA) in a.local

- DCB has two virtual NICs (private/backup)


I have tried several ipconfig /flushdns, ipconfig /showdns, disabling/re-enabling the virtual NICs and switching around of DNS IPs on the NICs, etc., but I can't nail down the problem. It almost seems like network requests for "a.local" are never forwarded to the DCA server.


I probably should install and run a network trace, but I don't have much experience with those apps. Anything come to mind by the information I've provided? I would really appreciate any troubleshooting ideas/advice as I'm new to DNS, especially with multiple network interfaces/AD domains/etc.







1 answer to this question


Is there a router/switch between the 2 forests? If your answer is yes, then enable AD related ports on that device. If there is a VPN communication between forests, then reestablish site-to-site connectivity. If I'm at your place I'll disable unwanted NICs first, because multi-homed network in recommended on DCs as per Microsoft.
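
A way to check from DCB whether queries for a.local reach the forwarder target at all, short of a full network trace. This is an added example, not part of the original posts; it assumes Windows Server 2012 R2 or later with the DnsServer, DnsClient and NetTCPIP modules, and takes only the zone name from the question.

```powershell
# Run on DCB in an elevated PowerShell session.
# Assumes Windows Server 2012 R2 or later (DnsServer, DnsClient, NetTCPIP modules).
$Zone = 'a.local'   # the zone DCB cannot resolve, from the question

# 1. Read the conditional forwarder and list the servers it forwards to.
$fwd = Get-DnsServerZone -Name $Zone -ErrorAction Stop
if ($fwd.ZoneType -ne 'Forwarder') {
    Write-Warning "$Zone is a '$($fwd.ZoneType)' zone on this server, not a conditional forwarder."
}

$results = foreach ($master in $fwd.MasterServers) {
    $ip = "$master"

    # 2. On a multi-homed DC, show which local address and NIC the query leaves from.
    $src = Find-NetRoute -RemoteIPAddress $ip | Select-Object -First 1

    # 3. Ask that server directly, bypassing the local forwarder, over UDP and then TCP.
    $udp = $tcp = 'ok'
    try { Resolve-DnsName -Name $Zone -Type SOA -Server $ip -DnsOnly -ErrorAction Stop | Out-Null }
    catch { $udp = $_.Exception.Message }
    try { Resolve-DnsName -Name $Zone -Type SOA -Server $ip -DnsOnly -TcpOnly -ErrorAction Stop | Out-Null }
    catch { $tcp = $_.Exception.Message }

    [pscustomobject]@{
        ForwarderTarget = $ip
        SourceAddress   = $src.IPAddress
        SourceNIC       = $src.InterfaceAlias
        Udp53           = $udp
        Tcp53           = $tcp
    }
}
$results | Format-Table -AutoSize -Wrap

# Reading the output:
#  - ForwarderTarget is not an address DCA's DNS service answers on: fix the forwarder.
#  - SourceNIC is the backup NIC: queries leave on a network that may not carry DNS.
#  - Udp53 and Tcp53 both fail while ping works: port 53 is filtered on the path,
#    or DCA's DNS service is not listening on that interface.
```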
