I'm trying to set up a one-way domain trust between two domains, let's say prod.contoso.com and test.contoso.com. The goal is for users on the test domain to authenticate using accounts from the prod domain. It's working fine when users enter the FQDN (like [email protected]) but fails when they try to use the NETBIOS name (PRODUCTIONusername). Because Prod is an older domain, most clients default to using this NETBIOS name, which leads to failed authentications since the test domain can't translate the NETBIOS name to the FQDN associated with the trust. I've tried enabling the GlobalNames feature and creating a CNAME in the GlobalNames zone, pointing PRODUCTION to prod.contoso.com, but that hasn't worked either. Also, the NETBIOS name doesn't match the starting point of the FQDNs, and I'd like to make sure user principal names (UPNs) work well too. Is there a way to get DNS to forward the NETBIOS name to the correct FQDN? Most discussions online seem to focus on using the same FQDN across different domains, which isn't my case.
2 Answers
If you can't do a two-way trust because of your DMZ setup, then your options might be limited. Maybe check if there's a way to set up conditional forwarders on your DNS servers to help with how you resolve those names. It's a bit of a workaround, but it could help with getting clients authenticated without completely shifting your existing infrastructure.
It sounds like you're dealing with a tricky legacy system. Have you considered using WINS? It might help with the NETBIOS name resolution you're struggling with. But I totally get not wanting to deploy WINS in 2026—it's pretty outdated. You might end up needing to tackle a bigger strategy to phase out NETBIOS altogether, especially if you're looking for a more modern solution in your environment.
I hear you on WINS—definitely a last resort. I've been thinking about moving away from NETBIOS as well, but it's such a massive undertaking. Best of luck with that!
Thanks for the suggestion! I’ll definitely look into conditional forwarding as a potential solution.