Trust between forest root and new domain root
snickered
Member Posts: 25 ■□□□□□□□□□
I'm reading that there is an automatic trust created between a forest root and a new domain root. I'm wondering if that would allow me to manage DNS in the new domain root from an mmc snapin on the forest root domain controller.
I have gone through Chapter 9 Lesson 1 of the MS Press 70-640 Training Kit. I have created the forest root of treyresearch.net, domain root of northwindtraders.com and child domain of intranet.treyresearch.net on SERVER10, SERVER20, and SERVER30 respectively. When I login as TREYRESEARCH\Administrator on SERVER10 I can open a DNS mmc snapin and add SERVER30 but not SERVER20. The error I get is "A security package specific error occurred. . Would you like to add it anyway?" Yeah - there's an extra dot in there - strange.
From SERVER10 logged in as TREYRESEARCH\Administrator I can successfully add SERVER30 to the DNS mmc and manage DNS on the intranet.treyresearch.net domain without a problem. So, that leads me to believe it's a trust problem.
What am I missing here? Should I be able to manage northwindtraders.com DNS on SERVER20 from an mmc console as TREYRESEARCH\Administrator logged in on SERVER10? Thanks!
I have gone through Chapter 9 Lesson 1 of the MS Press 70-640 Training Kit. I have created the forest root of treyresearch.net, domain root of northwindtraders.com and child domain of intranet.treyresearch.net on SERVER10, SERVER20, and SERVER30 respectively. When I login as TREYRESEARCH\Administrator on SERVER10 I can open a DNS mmc snapin and add SERVER30 but not SERVER20. The error I get is "A security package specific error occurred. . Would you like to add it anyway?" Yeah - there's an extra dot in there - strange.
From SERVER10 logged in as TREYRESEARCH\Administrator I can successfully add SERVER30 to the DNS mmc and manage DNS on the intranet.treyresearch.net domain without a problem. So, that leads me to believe it's a trust problem.
What am I missing here? Should I be able to manage northwindtraders.com DNS on SERVER20 from an mmc console as TREYRESEARCH\Administrator logged in on SERVER10? Thanks!
Comments
-
snickered Member Posts: 25 ■□□□□□□□□□Figured it out. I had something wrong. I ended up starting over. After creating abc.com, manually creating the delegation then creating northwindtraders.com it worked as expected. I am able to do anything a domain admin of northwindtraders.com can do logged in as treyresearch\Administrator.
-
dummyk Registered Users Posts: 1 ■□□□□□□□□□After I click boot when finish I get :
"Directory configuration information indicates that the domain
nwt.com already exists. Do you want to reinstall that domain ?
If you click Yes, all information about the prior Active Directory
Domain Services domain installation will be deleted"
If I click Yes, it tries to install AD DS again and ends up with the same message ?
I'm probably "blind" but I can't see what i am doing wrong ? I have PSR-doc of what I do
if anyone would try to help ?
Brgrds and Merry Christmas