Multi Domain SQL Server Always on Availability Groups

Hi Mates,

I have been hearing about configuring Always On across domains, just like Database Mirroring. It really is a huge benefit for multiple organizations, as until now there has been no support for it.

This was introduced in Windows 2016, which has many other features that are really exciting & are driving me to work on it.

In this post I am going to show you how to perform this. More or less, I feel many of the activities that I am going to explain need to be driven by the AD/Windows team.

I created 4 machines, all of them running Windows 2016; the details are below.

Note: As we need 2 Active Directory servers, there is no compulsion that both of them be Windows 2016; one can be Windows 2012 too. Also ensure the password remains the same across all the machines.

I made use of Oracle virtual servers & you can use any of your favorite ones. However, make sure all of them are able to communicate with each other using their relevant IP addresses.

Machine 1: AD1 --> IP Address: Domain Name:

Machine 2: AD2--> IP Address: Domain Name:

Machine 3: Node1->IP Address: --> part of

Machine 4: Node2->IP Address:> part of

The process is very straightforward & simple, & I highly recommend you go through the steps below.

Here are the steps:
1) Currently my Node2 is part of domain.

Right-click My Computer -> Properties -> Change settings -> Change -> More.
There you will find "Primary DNS suffix of this computer"; in that tab add & restart the machine.

2) Once done, install the Failover Clustering feature on Node1 & Node2. Also, if you run ipconfig /all
on Node2 you will see the primary DNS suffix as

3) Now we need to add DNS records in AD1, so for that open
 DNS Manager -> Forward Lookup Zones ->>New Host

Add Node2 & its IP address under the Name & IP address fields accordingly.

4) Click on the server name under DNS & update it. Below is the screenshot for your reference.

5) Once done, create the Windows cluster by adding the 2 nodes. I gave the Windows cluster the name AGWINCLU & IP as

6) Install SQL Server on both the nodes (Node1 & Node2) & enable the Always On feature.
Note: Don't install Guest Additions on these VMs, as it will throw an error while enabling Always On.

7) I thought everything was done & tried to proceed with the creation of availability groups; however, I was not able to, as the database was not getting joined. This is where one should not forget the basics.
My Node1 SQL Server service is running as ABC\SQLSVC & Node2 SQL Server service is running as XYZ\SQLSVC.

We need to add these accounts as logins & grant them permissions on the endpoints; however, as the domains are different I was not able to add them. So what was missing? As you can guess, the trust between them.

8) We need to enable trust between them, so open DNS on AD2 & click on
Conditional Forwarders --> New Conditional Forwarder --> enter under DNS Domain & enter IP Address below. A screenshot is given for reference.

9) Perform the same action on Node1, this time by specifying & its relevant IP address of the AD2 machine.

10) Once the above-mentioned steps are done, open Active Directory Domains & Trusts on AD2 & right-click on & open the Trusts tab.

11) Click on New Trust & specify
ABC.COM under the Name dialog box, then
select Forest Trust as the Trust type, then
select Two-way under Direction of Trust, then
select Both this domain & specified domain under Sides of Trust, then
enter the username & password (in our case it would be ABC\administrator), then
select Forest-Wide Authentication under outgoing trust authentication, then
click on Next twice.
After that, select Yes, confirm the outgoing trust & then the incoming trust. Boom, we are done. Click on Finish.

12) Once the above steps are done, we need to create the SQL Server logins: on Node1 create the login XYZ\SQLSVC & grant it permissions on the endpoint, & on Node2 create the login ABC\SQLSVC & grant it permissions on the endpoint. That's it.
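
Step 12 written out as T-SQL, as an added example rather than a script from the original post. It assumes the database mirroring endpoint is named Hadr_endpoint on both nodes (an assumption; check the name on your instances), and its last query shows the endpoint's authentication and encryption settings together with every login that holds CONNECT on it.

```sql
-- Added example, not part of the original post.
-- Assumption: the endpoint is named Hadr_endpoint on both nodes. Confirm with:
--   SELECT name FROM sys.database_mirroring_endpoints;

-- ===== Run on Node1 (its SQL Server service runs as ABC\SQLSVC) =====
-- Node2 connects to this endpoint as XYZ\SQLSVC, so that account needs a login
-- here and CONNECT on the endpoint, and nothing else (no server role).
-- CREATE LOGIN ... FROM WINDOWS only succeeds once the other domain's account
-- resolves, i.e. after the forwarders and trust from steps 8-11 are in place.
USE master;
GO
IF NOT EXISTS (SELECT 1 FROM sys.server_principals WHERE name = N'XYZ\SQLSVC')
    CREATE LOGIN [XYZ\SQLSVC] FROM WINDOWS;
GO
GRANT CONNECT ON ENDPOINT::[Hadr_endpoint] TO [XYZ\SQLSVC];
GO

-- ===== Run on Node2 (its SQL Server service runs as XYZ\SQLSVC) =====
USE master;
GO
IF NOT EXISTS (SELECT 1 FROM sys.server_principals WHERE name = N'ABC\SQLSVC')
    CREATE LOGIN [ABC\SQLSVC] FROM WINDOWS;
GO
GRANT CONNECT ON ENDPOINT::[Hadr_endpoint] TO [ABC\SQLSVC];
GO

-- ===== Run on each node to verify =====
-- One row per login holding CONNECT on the mirroring endpoint. Expect the
-- partner's service account; review any other grantee. The auth and
-- encryption columns show how replica-to-replica traffic is protected.
SELECT e.name                      AS endpoint_name,
       e.state_desc                AS endpoint_state,
       e.connection_auth_desc,
       e.encryption_algorithm_desc,
       p.name                      AS grantee,
       sp.permission_name,
       sp.state_desc               AS permission_state
FROM sys.database_mirroring_endpoints AS e
JOIN sys.server_permissions AS sp
     ON sp.class_desc = 'ENDPOINT'
    AND sp.major_id   = e.endpoint_id
JOIN sys.server_principals AS p
     ON p.principal_id = sp.grantee_principal_id
WHERE sp.permission_name = 'CONNECT'
ORDER BY e.name, p.name;
```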

Note: I performed all these actions on my virtual machines & I have not yet done this on production servers. So I request you to make use of this as a base for carrying it out in real time. Also, I have not shown how to create AG groups, as it is familiar to all of us by this time.
I made use of SQL Server 2016 to perform this test. Thanks for reading.