NSLOOKUP returning inconsistent results across AD forest trust

Daniel 86 Reputation points
2024-05-20T13:54:31.2433333+00:00

Hello,

I have a query about AD forest trust and DNS settings.

I have established a bidirectional trust between three AD forests and have set up DNS forwarding for each domain. However, I have noticed that when I run nslookup against DCs of other forests, I am getting varying results. For instance, when I run nslookup dc.01.domainA.local, I get the DNS record and IP address of the server. But when I run nslookup <IP ADDRESS OF DC IN OTHER FOREST> , I get the output UnKnown can't find 10.10.10.20: Non-existent domain.

Is this normal behavior?


1 answer

  1. Jing Zhou 7,765 Reputation points Microsoft External Staff
    2024-05-22T05:58:19.6733333+00:00

    Hello,

     

    Thank you for posting in Q&A forum.

    This issue can be caused by multiple factors, and we can follow the steps below to troubleshoot it.

    1. Please run the CMD command repadmin /syncall on a DC and check later whether the issue still persists. If the issue is gone, it means there is some latency or issue with AD replication.

    2. Check whether the preferred DNS server or DNS forwarder is configured correctly on the domain controller with the issue.

    3. Capture a network trace while reproducing the issue on the domain controller with the issue, and check whether there are any insights in the captured network trace.

     

    Best regards,

    Jill Zhou

     


    If the Answer is helpful, please click "Accept Answer" and upvote it.
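
The two lookups from the question, run side by side against a chosen DNS server, as an added example that is not part of the original question or answer. `nslookup <name>` asks for an A record in the forward zone, while `nslookup <IP>` asks for a PTR record under `in-addr.arpa`, so the script queries both and reports where they diverge. The DNS server address is a placeholder and the function names are made up for this example.

```powershell
# Added example. Placeholders: replace with your own DC names and DNS servers.
$DcNames    = @('dc.01.domainA.local')   # name as written in the question
$DnsServers = @('192.0.2.10')            # placeholder DNS server address

function ConvertTo-ReverseName {
    param([Parameter(Mandatory)][string]$IPv4)
    # 10.10.10.20 -> 20.10.10.10.in-addr.arpa, the name a PTR query asks for
    $octets = $IPv4.Split('.')
    [array]::Reverse($octets)
    return ($octets -join '.') + '.in-addr.arpa'
}

function Test-ForwardReverse {
    param([string]$Name, [string]$Server)
    $row = [ordered]@{
        Server = $Server; Name = $Name; IPv4 = $null
        PtrQuery = $null; PtrAnswer = $null; Status = $null
    }
    # Forward lookup: same query nslookup sends for a host name
    $a = Resolve-DnsName -Name $Name -Type A -Server $Server -DnsOnly `
            -ErrorAction SilentlyContinue |
         Where-Object { $_.Type -eq 'A' } | Select-Object -First 1
    if (-not $a) {
        $row.Status = 'No A record from this server'
        return [pscustomobject]$row
    }
    $row.IPv4     = $a.IPAddress
    $row.PtrQuery = ConvertTo-ReverseName -IPv4 $a.IPAddress
    # Reverse lookup: same query nslookup sends for an IP address
    $ptr = Resolve-DnsName -Name $row.PtrQuery -Type PTR -Server $Server -DnsOnly `
              -ErrorAction SilentlyContinue |
           Where-Object { $_.Type -eq 'PTR' } | Select-Object -First 1
    if (-not $ptr) {
        $row.Status = 'A record only, no PTR answer'
    } else {
        $row.PtrAnswer = $ptr.NameHost.TrimEnd('.')
        $row.Status = if ($row.PtrAnswer -ieq $Name.TrimEnd('.')) {
            'Forward and reverse match'
        } else {
            'PTR points to a different name'
        }
    }
    return [pscustomobject]$row
}

$DnsServers | ForEach-Object {
    foreach ($name in $DcNames) { Test-ForwardReverse -Name $name -Server $_ }
} | Format-Table -AutoSize
```

A row with status "A record only, no PTR answer" corresponds to the output in the question: the name resolves, but the queried server returns nothing for the reverse name shown in the PtrQuery column.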

