Domain Trust over VPN...

Our company has 2 AD domains, abc.com (192.168.100.xxx) & xyz.com
(172.32.1.xxx).
They are in separate locations, I have a SonicWall TZ-170 on each end & have
a VPN connection between them.
I have WINS set up on each end, with each WINS server set as a push/pull
partner with the other server.
How can I get them to trust each other?
When I go to AD Domains & Trusts on abc & try to set xyz as a trusted
domain, what password is it wanting? Domain Admin password? If I try that,
it tells me that the domain can't be contacted. I can ping computers in the
other domain by IP address, but not by name.
Both DCs are set as DNS servers-do I need to add dns records for the other
domain?
Is there a way to have my DNS servers replicate between domains?

Hi, it wants the password you created during the establishment of the trust
not the domain admin password.

--
Todd J Heron, MCSE
Windows Server 2003/2000/NT; CCA

"Mike" <(E-Mail Removed)> wrote in message
news:%(E-Mail Removed)...
> Our company has 2 AD domains, abc.com (192.168.100.xxx) & xyz.com
> (172.32.1.xxx).
> They are in separate locations, I have a SonicWall TZ-170 on each end &
> have a VPN connection between them.
> I have WINS set up on each end, with each WINS server set as a push/pull
> partner with the other server.
> How can I get them to trust each other?
> When I go to AD Domains & Trusts on abc & try to set xyz as a trusted
> domain, what password is it wanting? Domain Admin password? If I try that,
> it tells me that the domain can't be contacted. I can ping computers in
> the other domain by IP address, but not by name.
> Both DCs are set as DNS servers-do I need to add dns records for the other
> domain?
> Is there a way to have my DNS servers replicate between domains?
>
>

Regarding DNS. A common method with two sites is to make each DNS server
a secondary for the "other" primary zone. That way each site DNS can resolve
addresses for either zone.

Todd J Heron wrote:
> Hi, it wants the password you created during the establishment of the
> trust not the domain admin password.
>
>
> "Mike" <(E-Mail Removed)> wrote in message
> news:%(E-Mail Removed)...
>> Our company has 2 AD domains, abc.com (192.168.100.xxx) & xyz.com
>> (172.32.1.xxx).
>> They are in separate locations, I have a SonicWall TZ-170 on each
>> end & have a VPN connection between them.
>> I have WINS set up on each end, with each WINS server set as a
>> push/pull partner with the other server.
>> How can I get them to trust each other?
>> When I go to AD Domains & Trusts on abc & try to set xyz as a trusted
>> domain, what password is it wanting? Domain Admin password? If I try
>> that, it tells me that the domain can't be contacted. I can ping
>> computers in the other domain by IP address, but not by name.
>> Both DCs are set as DNS servers-do I need to add dns records for the
>> other domain?
>> Is there a way to have my DNS servers replicate between domains?

It never gave me an option to create a password.

"Todd J Heron" <todd_heron(delete)@hotmail.com> wrote in message
news:%(E-Mail Removed)...
> Hi, it wants the password you created during the establishment of the
> trust not the domain admin password.
>
> --
> Todd J Heron, MCSE
> Windows Server 2003/2000/NT; CCA
>
> "Mike" <(E-Mail Removed)> wrote in message
> news:%(E-Mail Removed)...
>> Our company has 2 AD domains, abc.com (192.168.100.xxx) & xyz.com
>> (172.32.1.xxx).
>> They are in separate locations, I have a SonicWall TZ-170 on each end &
>> have a VPN connection between them.
>> I have WINS set up on each end, with each WINS server set as a push/pull
>> partner with the other server.
>> How can I get them to trust each other?
>> When I go to AD Domains & Trusts on abc & try to set xyz as a trusted
>> domain, what password is it wanting? Domain Admin password? If I try
>> that, it tells me that the domain can't be contacted. I can ping
>> computers in the other domain by IP address, but not by name.
>> Both DCs are set as DNS servers-do I need to add dns records for the
>> other domain?
>> Is there a way to have my DNS servers replicate between domains?
>>
>>
>

Did that & I can ping computers in other domain by name or address.
Shouldn't I see the other domain in Network Neighborhood?

"Bill Grant" <not.available@online> wrote in message
news:(E-Mail Removed)...
> Regarding DNS. A common method with two sites is to make each DNS
> server a secondary for the "other" primary zone. That way each site DNS
> can resolve addresses for either zone.
>
> Todd J Heron wrote:
>> Hi, it wants the password you created during the establishment of the
>> trust not the domain admin password.
>>
>>
>> "Mike" <(E-Mail Removed)> wrote in message
>> news:%(E-Mail Removed)...
>>> Our company has 2 AD domains, abc.com (192.168.100.xxx) & xyz.com
>>> (172.32.1.xxx).
>>> They are in separate locations, I have a SonicWall TZ-170 on each
>>> end & have a VPN connection between them.
>>> I have WINS set up on each end, with each WINS server set as a
>>> push/pull partner with the other server.
>>> How can I get them to trust each other?
>>> When I go to AD Domains & Trusts on abc & try to set xyz as a trusted
>>> domain, what password is it wanting? Domain Admin password? If I try
>>> that, it tells me that the domain can't be contacted. I can ping
>>> computers in the other domain by IP address, but not by name.
>>> Both DCs are set as DNS servers-do I need to add dns records for the
>>> other domain?
>>> Is there a way to have my DNS servers replicate between domains?
>
>

Are these domains in separate forests?

-ds


"Mike" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> It never gave me an option to create a password.
>
> "Todd J Heron" <todd_heron(delete)@hotmail.com> wrote in message
> news:%(E-Mail Removed)...
>> Hi, it wants the password you created during the establishment of the
>> trust not the domain admin password.
>>
>> --
>> Todd J Heron, MCSE
>> Windows Server 2003/2000/NT; CCA
>>
>> "Mike" <(E-Mail Removed)> wrote in message
>> news:%(E-Mail Removed)...
>>> Our company has 2 AD domains, abc.com (192.168.100.xxx) & xyz.com
>>> (172.32.1.xxx).
>>> They are in separate locations, I have a SonicWall TZ-170 on each end &
>>> have a VPN connection between them.
>>> I have WINS set up on each end, with each WINS server set as a push/pull
>>> partner with the other server.
>>> How can I get them to trust each other?
>>> When I go to AD Domains & Trusts on abc & try to set xyz as a trusted
>>> domain, what password is it wanting? Domain Admin password? If I try
>>> that, it tells me that the domain can't be contacted. I can ping
>>> computers in the other domain by IP address, but not by name.
>>> Both DCs are set as DNS servers-do I need to add dns records for the
>>> other domain?
>>> Is there a way to have my DNS servers replicate between domains?
>>>
>>>
>>
>
>

No. Network Neighborhood is driven by the computer browser service, not
DNS. The computer browser service relies on broadcasts and uses Netbios
names. It is not reliable across a WAN. It might work if you set up
networkwideWINS so that the master browsers can find each other across the
WAN link.

Mike wrote:
> Did that & I can ping computers in other domain by name or address.
> Shouldn't I see the other domain in Network Neighborhood?
>
> "Bill Grant" <not.available@online> wrote in message
> news:(E-Mail Removed)...
>> Regarding DNS. A common method with two sites is to make each DNS
>> server a secondary for the "other" primary zone. That way each site
>> DNS can resolve addresses for either zone.
>>
>> Todd J Heron wrote:
>>> Hi, it wants the password you created during the establishment of
>>> the trust not the domain admin password.
>>>
>>>
>>> "Mike" <(E-Mail Removed)> wrote in message
>>> news:%(E-Mail Removed)...
>>>> Our company has 2 AD domains, abc.com (192.168.100.xxx) & xyz.com
>>>> (172.32.1.xxx).
>>>> They are in separate locations, I have a SonicWall TZ-170 on each
>>>> end & have a VPN connection between them.
>>>> I have WINS set up on each end, with each WINS server set as a
>>>> push/pull partner with the other server.
>>>> How can I get them to trust each other?
>>>> When I go to AD Domains & Trusts on abc & try to set xyz as a
>>>> trusted domain, what password is it wanting? Domain Admin
>>>> password? If I try that, it tells me that the domain can't be
>>>> contacted. I can ping computers in the other domain by IP address,
>>>> but not by name. Both DCs are set as DNS servers-do I need to add dns
>>>> records for
>>>> the other domain?
>>>> Is there a way to have my DNS servers replicate between domains?