If it's root domain with child domain( and ) or child domain with child domain trust( and ) you can choose External Trust OnlyĬhoose External Trust or Forest Trust depends on your environment as I mentioned belowħ.Two Way > Next > Both this domain and the specified domain > Next > Provide administrative credentials for the other domain(New Domain) > NextĨ.Domain wide authentication > Next > Domain wide authentication > Next > Nextĩ.Next > Yes. We can choose Forest Trust or External Trust here is the tips If it's root domain trust( and ) you can choose Forest Trust or External.
bat file (Change DNS opposite way as well)ġ.Open Active Directory Domains and TrustsĢ.Right click and choose Properties bat format file and name it(i.e Set DNS.bat we will use it later)ĥ.Repeat the procedure in the new domain(but the domain names and DNS will be the opposite way round)Ĭhange DNS in. Save the command above between - line as. Netsh interface ipv4 add dnsserver name="%%l" %dnsserver2% index=2 Netsh interface ipv4 set dnsserver name="%%l" static %dnsserver% both
Link your group policy to the actual OU that your computers are in.ģ.Enable DNS suffix search list we can navigate toĬomputer Configuration > Policies > Administrative Templates > Network > DNS Client >Ĥ.Set DNS via Scripts(Startup) we can navigate toĬomputer Configuration > Policies > Windows offįor /f "tokens=1,2,3*" %%i in ('netsh interface show interface') do ( On a domain controller > Administrative Tools > Group Policy Management Console. In addition, we should set DNS suffix search list and the easiest way to do that is via group policy.
On Old DC01,Old DC02,Old DC03 you should setup 'Conditional Forwarding'Ģ.Right Click Conditional to create new oneģ.You can Name Domain(i.e NewDomain) and fill IP address(i.e 172.16.0.1 and 172.16.0.2) please ignore the red error just show you how to fill them hereĤ.You can see green tick icon if all setting is OK(You can change time out to 100 or more instead of default 5 if you are using lower bandwidth between two Domains)ĥ.Please repeat these 3 steps on Old DC02,Old DC03 and repeat these similar process on New DC01,New DC02 (i.e OldDomain) and fill IP address(i.e 10.0.0.1 ,10.0.0.2 and 10.0.0.3)please ignore the red error just show you how to fill them here To achieve this you need to setup ‘Conditional Forwarding’ in each domain for the other one.įirst of all make sure 10.0.0.1,10.0.0.2,10.0.0.3 and 172.16.0.1,172.16.0.2 can ping each other if you don't know please ask help from network guy in your team The old domain needs to be able to resolve names in the new domain, and the new domain needs to be able to resolve names in the old domain.