Re: sys vol check

Each SITE has its own IP address and DNS server. There is only one folder
under the DNS forward lookup zones. There are three folders under the reverse
look up zone, 1 for each site/subnet. All three DNS servers has the same
setup.

"Jorge Silva" wrote:

How sites and subnets are configured?

--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Scott Sendelbach" <ScottSendelbach@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:0049D664-5C8F-457F-B725-34FDB068C7B9@xxxxxxxxxxxxxxxx
Yes the servers have the local DNS server listed as the first(primary DNS
server) under the NIC properties. Then I removed the ISP DNS and added the
other two DNS server addresses.

Yes, the DNS is AD integrated.

The DNS server addresses is being populated by a network
appliance/firewall
that is handing out DHCP address. I made the Phoenix DNS server primary,
Las
vegas second and California last.

I think there is a DNS issue and I believe that replication is working.
How
can I test both to see if they are setup correctly?

"Jorge Silva" wrote:

Are the users NIC DNS configuration pointing only to their local DNS
servers?
You have DNS AD Integrated right?
Are the servers pointing to itself under their NIC DNS Preferred server?

You must had something wrong, because if you follow those links the Logon
must work.
Check if replication is working.

Another thing, you said that you undo everything, so how is it configured
now?


--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Scott Sendelbach" <ScottSendelbach@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:14F5AE16-61C8-4E4B-BE08-39C9BFF10489@xxxxxxxxxxxxxxxx
I modified the forwarders tab on the DNS AD list like the intructions
listed,
and then I changed the DNS servers list on all three DNS server to
point
to
each other rather then the ISP DNS servers.

When I got in this morning, no one was able to log on and see the
network.
I
had to undo everything I did yesterday afternoon and it seems to be
working
fine now.

I am not sure what I did wrong. I followed the instructions listed in
the
microsoft link you sent me earlier.

"Jorge Silva" wrote:

how?

The DNS server should point to itself in NIC Preferred DNSserver.
The clients should use only their local DNSserver in ther NIC
Preferred
DNSserver.

How clients and servers are configured now?

--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Scott Sendelbach" <ScottSendelbach@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote
in
message news:2016BC8A-6A8F-4113-9D34-C07E3DD73A3B@xxxxxxxxxxxxxxxx
I have done as you instructed and it crashed our network. No one is
able
to
log on this morning and see any local resources.

"Jorge Silva" wrote:

Inline
1. How do I know when it will be safe to remove them from the
DHCP
device
that is handing out licenses?
- Remove what?
- If you're referring to network clients, make sure that each
client
only
uses their local DNS server, DON'T Place ISP DNS server on clients
NIC
Preferred DNS or secondary.

2. Why don't I want the ISP DNS servers listed? We have a hard
time
accessing the internet without them there.
Only local DNS servers should handle Internet name resolution,
trust
me,
you
don't want your clients and member servers trying to register on
external
DNS servers, or trying to resolve public address in public domain,
remember,
the AD is DNS dependent and all clients need DNS resolution to
reach
AD
Servers,etc... That's why they must use only internal DNS servers,
and,
if
the clients need Public resolution then internal DNS servers should
handle
that. You may think of internal DNS like something of this way...
Internal
DNS servers are maestros of Internal and External resolution... If
the
clients need to access AD servers the Internal DNS provide the
correct
address, if the clients need to access to public domain, the
internal
DNS
should also provide them the correct address. What would happen if
you
configured ISP DNS servers on clients??? Well, First the ISP DNS
Servers
don't allow your clients to register on their DNS servers, Second,
the
ISP
DNS Servers don't know where your internal DCs are, Third, if your
clients
go outside trying to resolve DNS queries they're exposing to public
network
which represents security issues.


3. All three offices are serviced by COX, but each office has
their
own
ISP
DNS server addresses because of their geographic location. Will
doing
this
step ruin the connection to the internet?
Why? If you have Internal DNS in each location (site), configure
Forwarding
in each DNS server to point to the correct ISP/DNS Server, you can
even
increase security by point the Forwarding to router IPAddress.


--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Scott Sendelbach" <ScottSendelbach@xxxxxxxxxxxxxxxxxxxxxxxxx>
wrote
in
message news:27A46733-6D06-4514-BAAC-2A15085686AA@xxxxxxxxxxxxxxxx
We have three different DNS servers, 1 in each office. I have
modified
the
DNS FORWARDERS per your suggestion. I have several questions
about
that.
1. How do I know when it will be safe to remove them from the
DHCP
device
that is handing out licenses?

2. Why don't I want the ISP DNS servers listed? We have a hard
time
accessing the internet without them there.

3. All three offices are serviced by COX, but each office has
their
own
ISP
DNS server addresses because of their geographic location. Will
doing
this
step ruin the connection to the internet?


"Jorge Silva" wrote:

Hi

First remove the ISP DNS servers from your NIC configuration.
(68.2.16.30;68.1.208.30)
To resolve internet names configure Forwarding
http://support.microsoft.com/kb/323380/

Second sounds like your server isn't resolving the parent
domain,
to
solve
that make sure that your server can resolve the FQDN of the DCs
at
Root
domain. You can configure Conditional forwarding, Secondary
zones
or
you
can
replicate the root DNS Zone at forest level. Attention the
_msdcs.domain.tld
contain information about Global catalog and other domain/forest
important
records and they only exist in parent (root) DNS server (this
zone
contains
information that IS ONLY AVAILABLE IN THE ROOT), so is always a
good
practice to replicate the root _msdcs.domain.tld across the
forest.
How to Create a Child Domain in Active Directory and Delegate
the
DNS
Namespace to the Child Domain
http://support.microsoft.com/kb/255248/

Conditional Forwarding in Windows Server 2003

http://support.microsoft.com/default.aspx?scid=kb;en-us;304491

How to Delegate All Internet Top-Level Domains on an Internal
Root
DNS
Server

http://support.microsoft.com/default.aspx?scid=kb;en-us;294906&sd=RMVP






--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Scott Sendelbach" <ScottSendelbach@xxxxxxxxxxxxxxxxxxxxxxxxx>
wrote
in
message
news:94A1B9A9-6943-4A47-8CF3-ACA26F85AD86@xxxxxxxxxxxxxxxx
Here is the DCDIAG Test results. Yes this DC is a DNS server.

Doing initial required tests

Testing server: PHOENIX\ADMINSERVER
Starting test: Connectivity
* Active Directory LDAP Services Check
The host
1ea9b77e-235f-470b-9dff-390786e1077d._msdcs.CORP.DLECINC.com c
ould not be resolved to an
IP address. Check the DNS server, DHCP, server name,
etc
......................... ADMINSERVER failed test
Connectivity

Testing server: PHOENIX\SERVER
Starting test: Connectivity
* Active Directory LDAP Services Check
The host
857bd24b-6e5b-416f-9c15-912bd3767259._msdcs.CORP.DLECINC.com c
ould not be resolved to an
IP address. Check the DNS server, DHCP, server name,
etc
Although the Guid DNS name

(857bd24b-6e5b-416f-9c15-912bd3767259._msdcs.CORP.DLECINC.com)
.

Relevant Pages

  • Re: NetBios and DNS
    ... I have the PC's configured with the internal DNS server and I have internet ... How I did this NSLookup was like this. ... If you have a zone for your "domain name" and you add the computer records ...
    (microsoft.public.windows.server.dns)
  • Re: Creating my first user accounts
    ... I am trying to log onto the domain with the clients to have access to shared ... files and access the internet. ... DNS is almost always the cause of authentication errors -- ... Did you alter the DNS server settings, ...
    (microsoft.public.windows.server.active_directory)
  • Re: Unix Bind and Windows DNS with Dynamic update issues!!!
    ... >suggest but it does NOT service internal clients directly. ... still have UNIX BIND to do the rest for host name and internet resolution. ... Windows 2003 DNS will acting as another internal DNS server like UNIX BIND? ...
    (microsoft.public.win2000.dns)
  • Re: Before adding desktops to....
    ... On the DC you can use the default settings to connect the clients to the domain. ... On the DC/DNS server you have to setup forwarders to the ISP's DNS server, so all clients in the domain have internet access if needed. ...
    (microsoft.public.windows.server.general)
  • Re: Unix Bind and Windows DNS with Dynamic update issues!!!
    ... >> 2) All internal DNS clients NIC\IP properties must specify SOLELY ... >> we are running UNIX BIND as internal and external DNS server. ... > expose your sensitive internal information on the Internet. ... >> internal clients like Windows, Mac etc are pointing to UNIX BIND server to ...
    (microsoft.public.win2000.dns)