Adding a second tree domain to AD forest (2012 R2)

active-directory domain-controller windows-server-2012-r2

I set up an AD forest with a DNS server. I tried adding a second server as a second tree domain to the forest.

First, the error I'm getting is "Could not log onto the domain with the specified credential. Supply a valid credential and try again."

The second server can ping the forest's domain without a problem. The first server can ping the second server's IP. So, it doesn't appear to be a DNS issue. I've tried every permutation of the following configuration settings when setting up the second server:

Domain type: Tree Domain

Forest Name: Fully qualified (domain.com) and root (domain)

New Domain name: domain2.com

Credential: domain\Administrator and domain.com\Administrator and firstMachineName\Administrator

(There is only one account on the first machine, which is the administrator account I used in creating the forest.)

I'm wondering if anyone has experienced similar issues and what they did to overcome them? Or any links to other places where the question has been answered.

I've seen a number of suggestions on the matter, none of which seem to work.

Best Answer

So, it turns out that my domain controller was using itself as the DNS. The domain controller was a DNS for the local network, which is why the second server was able to access it using the forest domain. The domain controller was trying to resolve the requesting host using its own table, which didn't contain the host for the second server. Changing the DNS back to our network DNS was all I had to do.
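
A way to check for the condition described in the answer, added here as an example and not part of the original post: run on the first domain controller, it lists each DNS server the machine is configured to use, marks the ones that are the machine itself, and tests whether each one can resolve the second server. The host name `server2.example.test` is a placeholder assumption; substitute the real name of the server being promoted.

```powershell
# Added example (not from the original answer).
# Placeholder: name of the server being promoted to the new tree domain.
$NewServer = 'server2.example.test'

# Every IPv4 address this machine owns, including 127.0.0.1,
# so a DNS entry that points back at the DC itself can be recognised.
$ownAddresses = @(Get-NetIPAddress -AddressFamily IPv4 |
    Select-Object -ExpandProperty IPAddress)

$results = foreach ($if in Get-DnsClientServerAddress -AddressFamily IPv4) {
    foreach ($dns in $if.ServerAddresses) {
        # Query this specific DNS server only (no LLMNR/NetBIOS fallback),
        # which is why a successful ping alone does not prove DNS works.
        $answer = Resolve-DnsName -Name $NewServer -Type A -Server $dns `
            -DnsOnly -ErrorAction SilentlyContinue

        [pscustomobject]@{
            Interface    = $if.InterfaceAlias
            DnsServer    = $dns
            PointsAtSelf = $ownAddresses -contains $dns
            Resolved     = [bool]$answer
            Addresses    = ($answer | Where-Object Type -eq 'A' |
                ForEach-Object IPAddress) -join ', '
        }
    }
}

$results | Format-Table -AutoSize

# The situation from the answer: the DC asks itself and has no record.
$results | Where-Object { $_.PointsAtSelf -and -not $_.Resolved } |
    ForEach-Object {
        Write-Warning ("{0}: DNS server {1} is this machine and cannot resolve {2}" -f
            $_.Interface, $_.DnsServer, $NewServer)
    }
```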