Re: AD circuitous route to DNS
From: Monty (montysl_at_nospam.hotmail.com)
Date: Wed, 17 Nov 2004 13:57:46 -0600
Actually, the other things you helped me with did not really apply to this
scenario; they just involved Reverse Lookup Zones and nslookup issues in, at
that time, a completely self-contained AD with no connection to the outside
world. I had not even enabled forwarders to the campus DNS for Internet
But to elaborate on the current setup, our domain is still very much
"stand-alone" in that we are our own forest and domain. The namespace is
unique to my understanding. There are other ADs on campus but there are no
trust relationships and the campus-wide main network is NDS with no AD above
us. The campus DNS administrator is simply forwarding back to my AD DNS
server from his non-AD name servers after my clients look to his servers for
resolution first. He is doing this by subnet which limits the action to my
clients only since we have our own subnet. He did ask me to forward to his
name servers in my settings too. It looks like a big circle.
My first thought was that this would kill all my AD functionality and was
surprised to find some of it intact as described in the first post.
"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
> In news:%23xQ1AyMzEHA.3448@TK2MSFTNGP12.phx.gbl,
> Monty <firstname.lastname@example.org> commented
> Then Kevin replied below:
> > Thanks to Kevin for his help on my previous posts.
> > Now I go on to step two of the grand experiment. My new
> > AD is on a campus and, for many different reasons, we are
> > trying a long route for forwarders. Rather than have my
> > clients set to my AD as the primary DNS they want me to
> > set them to the campus name servers and then those
> > servers point back to my PDC for my clients only.
> > I have tried this already and have found issues with the
> > higher levels of management from the MMC on the client
> > logged in with Domain Admin privileges. I cannot get to
> > AD GPMC, nor Domains and Trusts or Site and Services but
> > can manage AD Users and Computers, Event viewers on the
> > DC's and other lower level controls. This is pretty much
> > as I would expect it to be except I would really not have
> > thought I would have the ability to get to some I did.
> > Everything, of course, works correctly when the local AD
> > server is set in DNS on the clients.
> > Question.....is there a workaround or any settings that
> > will gain me full functionality in the AD as if the
> > clients were pointed correctly given my scenario?
> > Thanks in advance.
> I don't remember your exact scenario, is your AD domain name a subdomain
> of a domain in the campus DNS?
> Did they delegate that name back to the AD DNS server?
> Please elaborate.
> Best regards,
> Kevin D4 Dad Goodknecht Sr. [MVP]
> Hope This Helps
> When responding to posts, please "Reply to Group"
> via your newsreader so that others may learn and
> benefit from your issue, to respond directly to
> me remove the nospam. from my email address.