Re: How to configure forwarding in W2K.

"Why not just add a single ENTRY-set for that ONE
MS IIS server you need to reach? (Replicate it to
all DNS in the same server set.)

To do this: create a ZONE but use the actual server
NAME (www.otherforest.com) instead of the more
usual domain-name zone name. Add a blank A-host
record (same as parent) for the IIS server."

Iam not clear on how to do what you suggest here. I am trying to get the
MIIS server in our forest to communicate with a domain controller (W2K3) in
another forest (which we manage as well) for directory replication.


"Herb Martin" wrote:

"TD" <TD@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:65B45F00-1B76-4F44-B6B8-7E4A8E230CFC@xxxxxxxxxxxxxxxx
The main reason why we need to introduce the W2K3 DNS server is to
facilitate
the communication of a W2K3 server running MIIS with the other forest
which
is already running W2K3. So on this MIIS server, we will actually install
W2K3 DNS on it and only set it to use itself for DNS resolution.

It sounds like a goofy design but if you can be certain
that every DNS client (and server) will get every
resolution it requires, and get it consistently, then you
are ok.

Will this
work, short of upgrading all the existing DNS servers to W2K3 from W2K?
NOTE
the exsiting W2K DNS are also domain controllers.

Probably we could get it to work but it sounds very
flaky and may be difficult to keep correct.

Why not just add a single ENTRY-set for that ONE
MS IIS server you need to reach? (Replicate it to
all DNS in the same server set.)

To do this: create a ZONE but use the actual server
NAME (www.otherforest.com) instead of the more
usual domain-name zone name. Add a blank A-host
record (same as parent) for the IIS server.


--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]

Thanks.

"Herb Martin" wrote:

"TD" <TD@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:AF32CA8E-61B0-44CF-A7EB-7BB18F6A45B9@xxxxxxxxxxxxxxxx
If my domain (AD) is still W2K, will there be a problem introducing a
secondary W2K3 DNS server? The primary DNS will remain a W2K box for
the
time
being.

Not as a Member server (or even as a DC if you ADPrep
the domain) BUT this will LIKELY NOT fix your problem:

You cannot have clients using one server which can
correctly conditionally forward AND using another
server which can and expect reliably results.

DNS clients think that EVERY DNS server returns the
CORRECT answers -- in fact from a client perspective
every DNS server does return THE correct answer by
definition.

Any client set with the Primary (Win2000) as EITHER
preferred or alternate DNS would get unpredictable
and unreliable resolution.

"Laura E. Hunter [MVP]" wrote:

Conditional forwarding isn't available in Windows 2000 DNS,
unfortunately.
It's a new feature of 2003 DNS, you'll need to deploy a 2003 DNS
server
to
utilize it.




--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]

HTH


--
--
Laura E. Hunter: MVP Windows Server - Networking
All replies to newsgroup, please
Post provided as-is, no warranties expressed or implied


"TD" <TD@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:1B06456E-040A-4149-8EC0-54DCAB16A166@xxxxxxxxxxxxxxxx
I was wondering if anyone out there might have an idea, on how in
W2K,
in
DNS
under the forwarding tab, you can configure DNS to forward queries
for
a
specific domain to a given IP address, as you can do in W2K3?

In this might help, here is what I am trying to resolve: We have 2
forests,
located in 2 different geographical locations. One location has a
W2K3
domain
and the other one (main location) has W2K. There are PIX firewalls
in
both
environments. Relevant ports for DNS queries and MIIS communications
have
been opened. Both locations use private IP addresses on the internal
network
and public IP addresses for external communications. How can we tell
the
DNS
server in the W2K site to directly contact the public IP address of
the
W2K3
site to resolve any IP addresses/hostnames that have a domain suffix
for
the
W2K3 location?











.

Relevant Pages

  • Issues migrating SBS 2003 domain to Server 2008 Standard
    ... We are stuck migrating our SBS 2003 domain to Server 2008. ... Fatal Error:DsGetDcName (SRV-EXCH) call failed, ... Verify your Domain Name Sysytem (DNS) is ... network connectivity to a domain controller. ...
    (microsoft.public.windows.server.sbs)
  • Re: AD management snap in cannot find DC (netdiag /v workstation)
    ... The name.local entries are used by my apache server to implement ... change button, more button, the "Primary DNS suffix of this ... Attr: subschemaSubentry ... Owner of the binding path: ...
    (microsoft.public.windows.server.active_directory)
  • Re: AD management snap in cannot find DC (netdiag /v workstation)
    ... button, more button, the "Primary DNS suffix of this computer", it should ... The Security System could not establish a secured connection with the server ... Attr: subschemaSubentry ... Owner of the binding path: ...
    (microsoft.public.windows.server.active_directory)
  • Re: AD management snap in cannot find DC (netdiag /v workstation)
    ... DNS Host Name: tonyb-pc.imageproc.imageproc.com ... Testing IpConfig - pinging the DHCP Server... ... Attr: subschemaSubentry ... Owner of the binding path: ...
    (microsoft.public.windows.server.active_directory)
  • Re: Issues migrating SBS 2003 domain to Server 2008 Standard
    ... Since you have migrated to standard server 2008 you would be better served posting in a Standard server NG. ... Event String: ... Verify your Domain Name Sysytem (DNS) is ... network connectivity to a domain controller. ...
    (microsoft.public.windows.server.sbs)