Environment
Group Policy Administrator 4.6
Group Policy Administrator 5.0
Group Policy Administrator 5.0 SP1
Situation
What are the DNS requirements for Group Policy Administrator between trusted and untrusted domains?
Resolution
GPA will support working with untrusted domains, provided that the untrusted domain name can be resolved. This requires that the DNS server in the trusted domain have forwarding set up to the untrusted domain. The DNS servers which are authoritative for each of the domains the customer wants to manage with GPA need to have forwarders to the DNS server for each untrusted domain.
This is the configuration that should be used. If forwarders are not already in place, they should be added. There is no security risk in this configuration.
Additional Information
Formerly known as NETIQKB71159
Using LMHosts is not a viable option.
Using LMHosts is not a viable option.