Re: dns over subnets

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: Spin (Spin_at_spin.com)
Date: 12/08/04 

Date: Wed, 8 Dec 2004 06:13:35 -0500

Why must a domain member "see" the _msdcs zone of the root domain, if it's
domain membership is in a child domain (provided that child domain can
contact the root domain when it needs to)?

"Roger Abell [MVP]" <mvpNoSpam@asu.edu> wrote in message
news:el4biKB3EHA.2876@TK2MSFTNGP12.phx.gbl...
> You should not be in position of needing to create DNS A records in one
> subnet as compared to another in this scenario. If a machine is to be
> a member of a domain it needs access to all SRV and related A and CName
> records of the zone supporting the domain it has joined and of the root
> domain
> of that forest if this is different from its domain of membership.
>
> Usually this is done by allowing access to a DNS server that can resolve
> those.
> Most commonly this means allowing the queries through the firewall or by
> having
> the zone(s) hosted by a local DNS server by use of a zone transfer.
>
> It is possible that issue you see are because of the FW. I know you said
> that
> it is dropping nothing. Does that mean if you shut it off, I mean,
bypassed
> it,
> then the issues remain?
>
> --
> Roger Abell
> Microsoft MVP (Windows Server System: Security)
> MCDBA, MCSE W2k3+W2k+Nt4
> "sktech" <sktech@discussions.microsoft.com> wrote in message
> news:4105C3AB-0CD2-47AC-B820-3AB064FC257A@microsoft.com...
> >I have two subnets connected through a firewall and have managed to get
> >most
> > of windows to network through. Although I have joined one server on
subnet
> > B
> > to the domain on subnet A, it seems to be sluggish in resolving. The FW
is
> > not dropping anything. I created a HOST A record for the server in
subnet
> > A
> > DNS and a record in subnet B dns. Both DNS are hosted on subnet A.
Should
> > I
> > create a DNS server for subnet B to improve performance. Windows
services
> > seem to run fine but pervasive db 8.5 keeps losing its connection and I
am
> > wondering if it is because of name resolution....
> >
> > Thanks
>
>

Relevant Pages

  • Re: applying computer settings takes a lot of time
    ... PC and DNS/DC are in the 192.168.10.x subnet ... Add a DNS/DC to the site where the computers are located and let the clients use that machine as preferred DNS on the NIC and another site DNS as secondary for redundancy. ... So is there a DNS server in there subnet available? ... Connection-specific DNS Suffix. ...
    (microsoft.public.windows.group_policy)
  • Re: applying computer settings takes a lot of time
    ... So in the moments the computer connected to another subnet to reach a DC/DNS server to authenticate and apply configuration settings, ... So is there a DNS server in there subnet available? ... Connection-specific DNS Suffix. ...
    (microsoft.public.windows.group_policy)
  • Re: Unable to connect to domain eventid:11153
    ... > particular subnet. ... > The reason it could not register was because the DNS server refused ... SRV records with the DC's A records then it is likely a firewall issue. ...
    (microsoft.public.win2000.active_directory)
  • Re: dns over subnets
    ... subnet as compared to another in this scenario. ... Usually this is done by allowing access to a DNS server that can resolve ... Microsoft MVP (Windows Server System: ...
    (microsoft.public.windows.server.dns)
  • Re: DNS questions
    ... > to my isp's dns server. ... Directory domain member, period. ... > forwarders configured on the internal dns server set to ...
    (microsoft.public.win2000.dns)