Re: Question about creating an Active Directory with my modem providing DHCP services....

From: ptwilliams (ptw2001_at_hotmail.com)
Date: 03/22/05 

Date: Tue, 22 Mar 2005 08:14:58 -0000

> 1. Can I set Active Directory up so that it looks to the modem for DHCP
> information? If so, how?

Yes, you can configure the modem to give out DHCP info., but will need it to
point to the internal DNS server (the DC usually) which isn't a great idea.
Better to statically configure the host, and disable DHCP on the modem.
Then let the DC dish out DHCP.

> 2. Since the router doesn't have a setting where I can specify the domain
> name for my AD server, can I set one of the DNS servers on the router to
> the AD Server? (If you notice in his steps, he makes the WS2k3 a DNS and
> AD server, and has a loopback set up for the DNS lookups).

You don't have to configure the domain name DHCP option, as the Primary
Connection Suffix is set when a machine joins the domain. However, as
stated in point one I would configure DHCP on the DC not the router.

> 3. Would it be simpler in the end, to just get another computer and put
> WS2k3 on there? Set the router to point to that computer for everything,
> and then set it up to run DHCP for everything else?

No.

> 4. In theory, if I have one computer with one copy of WS2k3 running, how
> many different Active Directories can I put on there? I'm guessing one,
> but I'm curious if I could create an external domain on one AD, and an
> internal domain on a second one? If I can do this, then it will solve
> most of my problems, I believe. This is because I can create the DNS for
> the AD that would house my 'external domain', and then have the internal
> domain point to that for it's information. I think I can find the
> 'internal' domain in a roundabout way through the external domain
> (although the other computers will connect directly to the internal one
> after joining it.)

One domain per DC. But feel free to have multiple VMs running as DCs for
different domains.

> I should note that I tried this with the VMWare Virtual computer, and I
> couldn't locate the internal domain to join it. But, I didn't create an
> external domain, and I didn't let the AD use the router to get it's DHCP
> information from. I'm sure I'll have more questions as I go along, but
> these will get me started.

If you couldn't locate a DC it's likely a DNS issue. Probably due to the
router/ modem being the DHCP server. See above points for my feelings and
opinions on the router acting as a DHCP server.

> Also, I should point out that I do have VPC set up as a service. So, when
> I reboot (if I join the host computer to the domain), I just have to wait
> a couple of minutes to log in. That's assuming, of course, that I don't
> have to have a user logged into WS2k3 in order for client computers to log
> into the domain. I can also set VMWare up as a service, so if I get all
> of this lined out, I'll use that one as well.

I'm not so sure about this. I, personally, wouldn't join the host to the
virtual domain. You'll miss out on certain types of (Group) policy
application, as the DC can never be available when the computer starts.

I assume this is for testing. Probably would be a better idea to just have
two virtual clients. They don't need much RAM. I run 8 Windows 2000
servers in my VM Lab -and they're running as DCs (two DCs per domain; two
domains; one forest), ISA, SMS, F&P, WUS, etc.

REMEMBER: All domain members (members and DCs) are DNS clients. All DNS
clients must point to an internal DNS server that is authorative for the
namespace that you are using for your AD domain (or a dis-jointed
equivalent, but this requires additional configuration). 

-- 
Paul Williams
http://www.msresource.net/
http://forums.msresource.net/
Loading