Re: Different DNS and AD domain structures


From: Herb Martin (news_at_LearnQuick.com)
Date: 07/02/04


Date: Thu, 1 Jul 2004 21:00:02 -0500


"BillDuff" <billduff@ms-discussions.com> wrote in message
news:CE750200-A495-419B-969A-90602A7BA185@microsoft.com...
> The company I am with at the moment is planning an AD rollout (using
> Win2003). They are currently on NT4 domains and are consolidating these into
> a fewer number of AD domains based on the business units with an empty root
> domain.
>
> The AD will be structured as 'BusUnit1.AD.company.com',
> 'BusUnit2.AD.company.com' etc. with 'ad.company.com' as the forest root.
>
> Some of the business units have an existing DNS structure that is based on
> location such as 'london.company.com', 'newyork.company.com' and they want
> to keep this structure (not sure why... this is coming from the project team
> in one of the other business units)

Perfectly acceptable AS LONG AS you ensure that each
DNS client (and this means servers too) can reach a DNS
server which can resolve every name.

This last means that every DNS server (used by clients)
must either:

    1) Hold all the answers
    2) Have a "root hints/cache file" that allows finding a
        common ROOT and working down to any possible name
    3) Have another DNS server as forwarder which can do
        either number 1, 2, or 3 until the name is found.

For instance, if ALL of your zones are children of .Com (direct
or as grandchildren etc.) then .Com can serve as a common
root, but then you get into the issue of how to resolve the
Internet (which is usually an implicit requirement.)

> I know this should be possible but there is very little information about
> setting this up or its implications.

Just write down ALL of the domains. Find the natural
relationships (parent child), and arrange a common
root or other method for all names to be resolved.

If it gets complicated then post the MINIMAL requirements
succinctly here.

> What I need to know is what are the advantages of doing it this way and
> more importantly what are the downsides. Are there any options that don't work
> or are not as easily managed by doing it this way.

Advantage:
    You can have more names.

Disadvantage:
    You have to set it up

Consider this: For EVERYONE who will still resolve "The Internet",
they have this problem to a greater or lesser extent.

Keep this in mind: Clients need a DNS Server which can find ALL
names they might legitimately query.

The 'standard' method of this is for that DNS server to recurse from
the root down until it reaches the answer.

The 'standard' supplement to this is using a "forwarder" to resolve
those names the first DNS server cannot reach.

Win2003 offers even more tools than Win2000 for handling odd
or weird situations ("conditional forwarding" & "stub zones")
and sometimes BIND servers might be helpful as well if it gets
REALLY UGLY.

Generally though Win2003 DNS is your BEST choice for internal
Windows domains, and Win2000 is second best with BIND in a
somewhat separate third place.

-- 
Herb Martin
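Herb's three rules, plus the ".com as common root leaves the Internet unresolved" caveat, written up as a small design check. This is an added example, not code from the thread; the `DnsServer` model, the server names and the topology are constructed, and "the Internet" is modelled as the public root zone ".".

```python
"""Check a DNS design against the three rules in the post: every DNS server that
clients use must (1) hold the answer, (2) reach a common root via root hints, or
(3) forward to a server that can itself do 1, 2 or 3.  Targets are zone names;
"the Internet" is modelled as the public root zone ".".  Topology is constructed."""
from dataclasses import dataclass, field

@dataclass
class DnsServer:
    zones: frozenset = frozenset()      # zones this server is authoritative for
    root_hints: str = ""                # server used as the common root ("" = no hints)
    forwarders: tuple = ()              # servers tried, in order, for names it can't answer
    conditional: dict = field(default_factory=dict)  # zone -> server (Win2003 conditional forwarding)

def _under(zone: str, parent: str) -> bool:
    """True if `zone` is `parent` or lies beneath it, so delegation can walk down."""
    return parent == "." or zone == parent or zone.endswith("." + parent)

def _holds_or_delegates(server: DnsServer, zone: str) -> bool:
    return any(_under(zone, z) for z in server.zones)

def can_reach(servers: dict, name: str, zone: str, seen: frozenset = frozenset()) -> bool:
    """Can server `name` reach an authority for `zone`?  `seen` breaks forwarder loops."""
    if name in seen or name not in servers:
        return False
    s, seen = servers[name], seen | {name}
    if _holds_or_delegates(s, zone):                         # rule 1: hold the answer
        return True
    for cz, target in s.conditional.items():                 # conditional forwarding for a zone
        if _under(zone, cz):
            return can_reach(servers, target, zone, seen)
    if s.root_hints in servers and _holds_or_delegates(servers[s.root_hints], zone):
        return True                                          # rule 2: walk down from the common root
    return any(can_reach(servers, f, zone, seen) for f in s.forwarders)  # rule 3: forwarder

def unresolvable(servers: dict, client_facing: list, zones: list) -> list:
    """Every (server, zone) pair that a client-facing server cannot answer."""
    return [(n, z) for n in client_facing for z in zones if not can_reach(servers, n, z)]

# Constructed topology: BU domains under ad.company.com, a legacy location zone
# london.company.com, and a private "com" zone acting as the common root.
SERVERS = {
    "internet": DnsServer(zones=frozenset({"."})),
    "com-root": DnsServer(zones=frozenset({"com"})),
    "ad-root":  DnsServer(zones=frozenset({"ad.company.com"}), root_hints="com-root"),
    "bu1":      DnsServer(zones=frozenset({"busunit1.ad.company.com"}), forwarders=("ad-root",)),
    "london":   DnsServer(zones=frozenset({"london.company.com"}), forwarders=("bu1",)),
    "edge":     DnsServer(root_hints="internet", conditional={"company.com": "ad-root"}),
}
ZONES = ["busunit1.ad.company.com", "london.company.com", "."]

if __name__ == "__main__":
    print(unresolvable(SERVERS, ["bu1", "london", "edge"], ZONES))
```

Running it reports that bu1 and london cannot reach the Internet because their chain ends at the private "com" root; adding the edge server as a second forwarder on bu1 clears both gaps.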

