Re: AD circuitous route to DNS

From: Monty (montysl_at_nospam.hotmail.com)
Date: 11/17/04 

Date: Wed, 17 Nov 2004 13:57:46 -0600

Actually, the other things you helped me with did not really apply to this
scenario, they just involved Reverse Lookup Zones and nslookup issues in, at
that time, a completely self-contained AD with no connection to the outside
world. I had not even enabled forwarders to the campus DNS for Internet
connectivity.
But to elaborate on the current setup, our domain is still very much
"stand-alone" in that we are our own forest and domain. The namespace is
unique to my understanding. There are other AD's on campus but there are no
trust relationships and the campus wide main network is NDS with no AD above
us. The campus DNS administrator is simply forwarding back to my AD DNS
server from his non-AD name servers after my clients look to his servers for
resolution first. He is doing this by subnet which limits the action to my
clients only since we have our own subnet. He did ask me to forward to his
name servers in my settings too. It looks like a big circle.
My first thought was that this would kill all my AD functionality and was
surprised to find some of it intact as desicribed in the first post.
"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
news:eVHP%235MzEHA.1452@TK2MSFTNGP11.phx.gbl...
> In news:%23xQ1AyMzEHA.3448@TK2MSFTNGP12.phx.gbl,
> Monty <montysl@nospam.hotmail.com> commented
> Then Kevin replied below:
> > Thanks to Kevin for his help on my previous posts.
> > Now I go on to step two of the grand experiment. My new
> > AD is on a campus and, for many different reasons, we are
> > trying a long route for forwarders. Rather than have my
> > clients set to my AD as the primary DNS they want me to
> > set them to the campus name servers and then those
> > servers point back to my PDC for my clients only.
> > I have tried this already and have found issues with the
> > higher levels of management from the MMC on the client
> > logged in with Domain Admin privaleges. I cannot get to
> > AD GPMC, nor Domains and Trusts or Site and Services but
> > can manage AD Users and Computers, Event viewers on the
> > DC's and other lower level controls. This is pretty much
> > as I would expect it to be except I would really not have
> > thought I would have the ability to get to some I did.
> > Everything, of course, works correctly when the local AD
> > server is set in DNS on the clients.
> > Question.....is there a workaround or any settings that
> > will gain me full functionality in the AD as if the
> > clients were pointed correctly given my scenario?
> >
> > Thanks in advance.
>
> I don't remember you exact scenario, is your AD domain name a sub domain
of
> a domain in the campus DNS?
> Did they delegate that name back to the AD DNS server?
> Please elaborate.
>
> --
> Best regards,
> Kevin D4 Dad Goodknecht Sr. [MVP]
> Hope This Helps
> ===================================
> When responding to posts, please "Reply to Group"
> via your newsreader so that others may learn and
> benefit from your issue, to respond directly to
> me remove the nospam. from my email address.
> ===================================
> http://www.lonestaramerica.com/
> ===================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ===================================
> Keep a back up of your OE settings and folders
> with OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
> ===================================
>
>

Relevant Pages

  • Re: Questions on putting up a new DNS server.
    ... > Root domain AD-zone info. ... There are no other servers or clients in the Root domain. ... own DNS servers -- integrate them into AD. ...
    (microsoft.public.win2000.dns)
  • Major Issues After NT4 --> 2003 Upgrade
    ... For some reason, the servers are joining the DNS domain name, instead of the ... Our NT4 domain we'll call "NBIOS" and the DNS domain name that we assigned ... finding that the clients started thinking they were joined to the DNS.com ...
    (microsoft.public.windows.server.migration)
  • Re: DCs to use their own DNS/Domain name, while clients use another
    ... > -All client/member servers configured to use DNS servers that host the ... members should be in that domain for DNS as well. ... Pretty silly since the domain clients are using the BIND set. ...
    (microsoft.public.win2000.dns)
  • Re: Change IP subnet for a site
    ... > The only problem being that the network is part of a private network in ... > clients are connected, but I have to allow for the possibility that they ... >>> servers. ... >>> DNS to ensure proper DNS registration. ...
    (microsoft.public.windows.server.active_directory)
  • Dnsapi question/wall off DNS
    ... situation where we are dependant on campus UNIX servers for Internet DNS ... incorrect settings had been working for years. ...
    (microsoft.public.windows.server.dns)