Hi,
We are creating a one way trust where DomA.com trusts DomB.com. To improve security, rather than allow full name resolution for all computers in DomA, we would like to create a forward lookup zone with manual host records for only those servers that are needed to create the trust and provide access to the resources DomB need.
For the trust creation, am I correct that a blank host record with IP of a domain controller is all that is needed? Thus DomA.com and DomB.com will resolve to DCs from the other domain.
Will this work or is a stub zone\conditional forwarding needed?
Many thanks
Brendan