Active Directory Learning Question

    Question

  • So myself and a colleague have set up 2 separate domains; we will call mine ad.domain1.org and his is domain2.local. We have been trying to do some learning experiences, so we have our physical networks talking to each other: I can reach devices in his network and he can reach devices in mine. So we set up a 2-way forest trust, and after doing that everything was working, except on his side he has a CA, so he was having an issue. If he would request a cert for a website he runs or for a VMware server web interface, it would give an error saying:

    "The specified domain either does not exist or could not be contacted 0x8007054b (WIN32:1335 ERROR_NO_SUCH_DOMAIN) The Active Directory Containing the Certificate Authority could not be contacted"

    But he can make requests for domain2.local and those would work, but anything that is not domain2.local will fail with this error.

    After breaking the trust between the 2 domains he can request certs for any domain. Does anyone know what would cause this?

    Also, the next step we were looking at doing was trying to merge the 2 domains together, but what we are trying to do is see if it's possible for one of our domains to be the root domain and then merge the 2nd domain as a sub domain. Is this possible to do?

    Thursday, January 5, 2017 11:39 PM

All replies

  • That looks like a DNS resolution issue. You can use conditional forwarders so that each domain can redirect DNS requests for the other domain to the DC/DNS server in that domain.

    As for the merge, you need to create a child domain with a different NetBIOS name compared to the domain you will migrate, then you can use ADMT to migrate your objects.


    This posting is provided AS IS with no warranties or guarantees, and confers no rights.

    Ahmed MALEK


    Friday, January 6, 2017 12:21 AM
  • Would we need the conditional forwarders if we have secondary zones set up?
    Friday, January 6, 2017 1:11 AM
  • Hi,
    If you have set up secondary zones, please check whether they are updated from the primary zone in time. You could also manually force an update on them to see if it works.
    Best regards,
    Wendy


    Friday, January 6, 2017 7:40 AM
    Moderator
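
The DNS checks suggested in the replies above (conditional forwarder, or a forced refresh of an existing secondary zone) can be scripted as below. This is an added example, not part of the original thread; it is meant to run on a DNS server in domain2.local, and the IP address is a placeholder. It also assumes ad.domain1.org is a forest root whose `_msdcs` records live in their own zone, which is the Windows Server default.

```powershell
# Added example, not from the thread. Run elevated on a DC/DNS server in domain2.local.
$RemoteDomain = 'ad.domain1.org'   # domain name as given in the question
$RemoteDns    = '192.0.2.10'       # placeholder: a DC/DNS server in the other forest

# DC location depends on this SRV record resolving
$srv = "_ldap._tcp.dc._msdcs.$RemoteDomain"

function Test-RemoteDcRecord {
    # Returns the SRV answers, or nothing if the name cannot be resolved
    Resolve-DnsName -Name $srv -Type SRV -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'SRV' }
}

if (Test-RemoteDcRecord) {
    Write-Output "$srv already resolves from this server."
}
else {
    Write-Warning "$srv does not resolve; checking local zones for $RemoteDomain"

    # Assumption: _msdcs.<forest root> is a separate zone, so inspect both names
    foreach ($name in $RemoteDomain, "_msdcs.$RemoteDomain") {
        $zone = Get-DnsServerZone -Name $name -ErrorAction SilentlyContinue

        if (-not $zone) {
            # No local copy: forward queries for this name to the other forest
            Add-DnsServerConditionalForwarderZone -Name $name `
                -MasterServers $RemoteDns -ReplicationScope 'Forest'
            Write-Output "Added conditional forwarder for $name"
        }
        elseif ($zone.ZoneType -eq 'Secondary') {
            # Secondary copy exists but may be stale: pull a full transfer
            Start-DnsServerZoneTransfer -Name $name -FullTransfer
            Write-Output "Requested full zone transfer for $name"
        }
        else {
            Write-Output "$name is hosted here as $($zone.ZoneType); left unchanged"
        }
    }

    # Drop cached negative answers, then test again
    Clear-DnsServerCache -Force
    Test-RemoteDcRecord | Select-Object Name, NameTarget, Port
}

# Independent check of DC location for the trusted domain
nltest /dsgetdc:$RemoteDomain
```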