
Trust Relationship between forests

Discussion in 'Legacy Windows' started by arhame, 2002/06/02.

Thread Status:
Not open for further replies.
  1. 2002/06/02
    arhame

    arhame Guest Thread Starter

    I'm needing some advice on establishing a trust relationship between two domains in different forests.

    Domain A in Forest 1 has an ISA Server that I need to use with Domain B in Forest 2.

    Both Domain Controller A and Domain Controller B are on the same subnet, 192.168.1.0. Each Domain Controller has DNS Server running for Active Directory purposes.

    Both networks are Windows 2000 with Active Directory. Through reading some knowledgebase articles, I decided that I needed to write an LMHOSTS file so that Domain A would recognize the Domain Controller for Domain B and vice versa.

    When I go to establish the trust in Active Directory Domains and Trusts on each server, I get the message: "The trusted domain has been added and the trust has been verified." But, when I come back and hit the Verify button, I get the message "Information from the primary domain controller for the domain xxxxxx cannot be obtained because: The RPC server is unavailable." I have checked both servers and I get the same messages. Plus, I have verified that the RPC server is running.

    Should I have used another way instead of an LMHOSTS file so that each domain would recognize the domain controller of the other domain? I was curious if this could somehow be done via DNS?

    Any help or leads would be greatly appreciated.
     
  2. 2002/06/02
    unixfan

    unixfan Inactive

    Joined: 2002/01/26 | Messages: 282 | Likes Received: 0

    Make sure times are in sync. See Q257187.

    Have you tried adding in the forward lookup zone > new zone > standard secondary (zone name is FQDN of other domain) > transfer from <IP Address> of other server? Repeat for the other DNS.

    Run repadmin to check inbound/outbound lists.
     
    Last edited: 2002/06/02

  4. 2002/06/02
    arhame

    arhame Guest Thread Starter

    Thank you for replying Unixfan.

    I did as you suggested with the creation of a new secondary standard zone on each server. I also went into each server's own forward lookup zone and made sure that, under zone transfers, it allowed zone transfers to any server. But now, when I click on the secondary standard zone to view it, I get the message: "The DNS Server encountered an error while attempting to load the zone. The transfer of zone data from the master server failed."

    Any suggestions?

    Also, I feel I should mention that the primary lookup zone for each domain is active directory integrated.
     
  5. 2002/06/02
    Newt

    Newt Inactive

    Joined: 2002/01/07 | Messages: 10,974 | Likes Received: 2

    Have you looked at the troubleshooting section of Q313563, which mentions "The DNS Server encountered an error while attempting to load the zone. The transfer of zone data from the master server failed" and steps to take to fix it?
     
    Last edited: 2002/06/02
  6. 2002/06/02
    arhame

    arhame Guest Thread Starter

    Thanks for replying Newt. And, yes, I had already checked out that KnowledgeBase article. I think where my issue may be is that both DNS Servers are Active Directory Integrated. Each server is in a completely separate forest, but, they both reside on the same subnet, i.e. server01 in domain_a is 192.168.1.1 and server02 in domain_b is 192.168.1.2. The reason for this is because the second server is only used as a web server and email server for another company. They are just sitting behind the ISA Server in domain_a for mail server publishing, web publishing, and ftp publishing.

    Should I change the way DNS is set up, as far as the DNS Server on domain_a being a standard primary and the DNS Server on domain_b being a standard secondary? If so, will neither server being Active Directory-integrated hurt my Active Directory setup?

    Thanks for any suggestions or advice.
     