Environment
NetIQ Directory & Resource Administrator 8.7.x
NetIQ Directory & Resource Administrator 9.0.x
Situation
How does DRA populate the Domains.DNS Registry Subsection / Trusted Domains in the GUI?
How does DRA populate the Trusted Domains list in the ARM console?
How does DRA populate the Trusted Domains list in the ARM console?
Does DRA query a Managed Domain’s Trusted Domain for a list of it's Trusted Domains?
Resolution
DRA enumerates the System container in Active Directory to populate the Trusted Domains list for each managed domain. In the System container in AD, there is a Trusted Domain object type that DRA looks at.
In cases where a DRA server is seeing a domain that no longer exists (including not showing in DNS), this is likely the place in AD holding on to the domain. Deleting the object manually from the System container will remove the entry in DRA's Trusted Domain list the next time a manual or scheduled Domain Cache Refresh or Incremental Account Cache Refresh runs.