No announcement yet.

Trust relationship and DNS.

  • Filter
  • Time
  • Show
Clear All
new posts

  • Trust relationship and DNS.


    I'm having an issue here with a trust relationship and DNS. Basically, i've setup a new domain called domain.local. The old domain is named I've setup a trust relationship between the 2 domains, however some users have a problem contacting the server in the old domain due to DNS issue.

    First of, from the new DC domain.local, the server in the old domain, will ping OK with his name. Though, when doing a nslookup, it won't resolve unless i put the full name of the server (like,

    On the client machine, i've tried puting the old server to answer the DNS query first (just to test). Here's what i get with nslookup:

    Default server : server

    > server
    Serveur : server

    *** server could not find server : Non-existent domain

    It won't resolve either if i try to ping it. I'm kind of wondering why the old domain name ( won't append itself to the server's name. I've double checked DNS settings and everything looks fine, so, i'm looking forward for ideas where to check for the problems.

    Best regards,


  • #2
    Re: Trust relationship and DNS.

    this is normal behavior, assuming you forwarded both domains DNS to each other or creating a secondary of each domain zone pulling from each other.

    the way you could resolve the problem is just adding in the client's TCP/IP settings the DNS suffix of both domains.
    goto TCPIP > configuration > DNS > append these DNS Suffix (in order), add both DNS zones there or in other word both domain.local and

    An unqualified single-label name contains no dots, such as "example". This is different from a fully qualified domain name, such as "".
    when a user submits a query for a single-label name, such as "example", a local DNS client attaches a suffix, such as "", resulting in the query "", before sending the query to a DNS server.
    DNS suffix is attached for each submission of a query. If a query is unsuccessful, a new DNS suffix is added in place of the failed suffix, and this new query is submitted. The values are used in the order they appear in the Box, starting with the up value and preceding to down as on the list.

    you can configure this also in Group Policy "Comptuer > Administrative Templates > Network > DNS Client > DNS Suffix Search List.

    after you will do this it will work like a charm.

    if you want to test it in nslookup , then open nslookup
    and type doamin=dmain.local
    then type the single-label name record you want to test/check of the domain.local
    (e.g myserver or pc1)
    by setting the domain=domain.local it will append automatically the single-label name with the domain.local, e.g. myserver.domain.local.
    the same you could test on the other domain with setting the and looking for records there.
    Last edited by Akila; 11th June 2008, 23:43.


    • #3
      Re: Trust relationship and DNS.

      Thanks for the reply and the tips !

      I tought about adding the IP and name it should resolve to in the hosts file in system32\drivers\etc. Thought i wonder if the DNS server would actually look in that file to try and resolve names to IP.



      • #4
        Re: Trust relationship and DNS.

        The DNS client resolver will always look in the hosts file.