1

Have a customer with two separate offices / companies, e.g.:

domainone.local (Windows Server 2008 R2)
domaintwo.pvt (Windows Server 2008)

Each office has a dynamic IP when connecting to the internet. Is it possible to set up a trust between the two, and how? Tried getting started with it, but couldn't even get past the initial Trust Wizard, getting:

"the new trust wizard cannot continue because the specified domain cannot be contacted"
SupaMonkey

2 Answers

0

Yes, you have an option, and it is DynDNS. Dynamic DNS (DDNS or DynDNS) is a method of automatically updating a name server in the Domain Name System (DNS), often in real time, with the active DDNS configuration of its configured hostnames, addresses or other information.

Dynamic IP addresses present a problem if the customer wants to provide a service to other users on the Internet. As the IP address may change frequently, corresponding domain names must be quickly re-mapped in the DNS, to maintain accessibility using a well-known URL.

Many providers offer commercial or free Dynamic DNS service for this scenario. The automatic reconfiguration is generally implemented in the user's router or computer, which runs software to update the DDNS service. The communication between the user's equipment and the provider is not standardized, although a few standard web-based methods of updating have emerged over time.

stambata
  • Thanks, already have dyndns set up on both sides, but how does this factor in? dyndns address <> AD domain address? – SupaMonkey Apr 16 '16 at 13:48
0

SupaMonkey, when you set up the trust, what options does it give you for establishing the trust? Does it offer realm trust and external trust? When setting up a trust you need to be able to resolve more than just the FQDN of a DC in the other domain. You also need to be able to see the other domain's SRV records so your DCs can find a Kerberos server to establish a trust with.

On the DNS server for domainone.local, try adding either a stub zone or a conditional forwarder that points at an authoritative DNS server for the domaintwo.pvt domain. Do the same on a DNS server in the domaintwo.pvt domain, pointing at an authoritative DNS server for the domainone.local domain.

I don't know how your WANs are set up between your sites. Do you have a site-to-site VPN? This or some other form of connection between the two offices will need to be in place first. Can hosts in each site ping each other? If not, you will need to address this before creating your trusts.

Michael Brown
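
A way to verify the DNS and connectivity prerequisites from the answer above before re-running the New Trust Wizard. This is an added example, not part of the original answer. It assumes it is run on a DC in domainone.local, that `10.2.0.10` is a placeholder for domaintwo.pvt's DNS server as reached over the site-to-site link, and that `nslookup` output is in English. It goes slightly beyond a ping test by connecting to the port each SRV record advertises.

```powershell
# Added example. Assumptions: run on a DC in domainone.local; 10.2.0.10 is a
# placeholder for domaintwo.pvt's DNS server as reached over the site-to-site link.
$RemoteDomain = 'domaintwo.pvt'
$RemoteDns    = '10.2.0.10'

# One-time step: conditional forwarder for the other domain (uncomment, run once).
# dnscmd /ZoneAdd $RemoteDomain /Forwarder $RemoteDns

# Parse English-language nslookup output into host/port pairs for one SRV name.
function Get-SrvTarget([string]$Name) {
    $port = $null
    foreach ($line in (nslookup -type=SRV $Name 2>$null)) {
        if ($line -match '^\s*port\s*=\s*(\d+)') { $port = [int]$Matches[1] }
        elseif ($line -match '^\s*svr hostname\s*=\s*(\S+)') {
            New-Object PSObject -Property @{ Record = $Name; Target = $Matches[1]; Port = $port }
        }
    }
}

# TCP connect with a timeout; works on PowerShell 2.0 (no Test-NetConnection there).
function Test-TcpPort([string]$HostName, [int]$Port, [int]$TimeoutMs = 3000) {
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($HostName, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return $false }
        $client.EndConnect($async)
        return $true
    } catch { return $false } finally { $client.Close() }
}

# DC locator, KDC and PDC emulator records for the other domain.
$records = '_ldap._tcp.dc._msdcs', '_kerberos._tcp.dc._msdcs', '_ldap._tcp.pdc._msdcs'
foreach ($r in $records) {
    # Trailing dot stops nslookup from appending the local DNS suffix first.
    $name = '{0}.{1}.' -f $r, $RemoteDomain
    $targets = @(Get-SrvTarget $name)
    if ($targets.Count -eq 0) { Write-Output "MISSING   $name (fix DNS first)"; continue }
    foreach ($t in $targets) {
        $state = if (Test-TcpPort $t.Target $t.Port) { 'reachable' } else { 'BLOCKED' }
        Write-Output ("{0,-9} {1}:{2}  <- {3}" -f $state, $t.Target, $t.Port, $t.Record)
    }
}
```

A `MISSING` line means the stub zone or conditional forwarder is not resolving yet; a `BLOCKED` line means DNS works but the link between the offices is not passing that port. Repeat the check from a DC in domaintwo.pvt with the domain names swapped.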