Re: DNS Client Config
- From: Meinolf Weber <meiweb(nospam)@gmx.de>
- Date: Wed, 5 Nov 2008 21:22:03 +0000 (UTC)
Hello Barry,
Domain internal you can have GPO's not correctly applied, really long startup times, name resolving issues if the domain DNS is down. Maybe mapping's will not stay or occur.
DNS Security:
http://technet.microsoft.com/en-us/library/cc784808.aspx
http://technet.microsoft.com/en-us/library/cc770474.aspx
http://technet.microsoft.com/en-us/library/cc785404.aspx
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Thanks, I guess that will have to do. Do you know of any negative
impacts from setting a secondary to an external DNS server? Obviously
loss of resources if the primary goes down, but what about security?
"Meinolf Weber" wrote:
Hello Barry,
Maybe this one is better for you:
Do not configure the client DNS settings to point to your ISP's DNS
servers.
If you do so, you may experience issues when you try to join the
Windows
2000-based or Windows Server 2003-based server to the domain, or when
you
try to log on to the domain from that computer. Instead, the internal
DNS
server should forward to the ISP's DNS servers to resolve external
names.
From "Windows 2000 Server and Windows Server 2003 member servers",
you can see a member server like a normal client:
http://support.microsoft.com/kb/825036
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
I was really looking for something about workstations and desktops.
I am in a tough situation here, at odds with superiors. I was
looking for something that says do not assign users a secondary DNS
server that points to your ISP's DNS server. There is no need. I
don't know if that will be enough, they are dug in. Thanks for the
help.
"Meinolf Weber" wrote:
Hello Barry,
This states, NOT to configure the ISP's DNS server on the NIC. What
else do you need?
"If this server needs to resolve names from its Internet service
provider (ISP), you must configure a forwarder."
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Thanks, but that doesn't really spell it out. I am having a hard
time finding something that says never set a secondary DNS server
on a Windows domain client to an external DNS server. I need
something I can show that says only use internal DNS servers and
this is why you don't use external.
"Meinolf Weber" wrote:
Hello Barry,
See here:
http://support.microsoft.com/kb/323380
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!!
http://www.blakjak.demon.co.uk/mul_crss.htm
I am looking for a white paper that says in plain English that
when setting up DHCP, you don't need to add the ISP's DNS server
as a secondary DNS. It is best to use one of the many internal
DNS's, and then use forwarders. I can't seem to find a document
that spells that out. This is in a medium sized AD environment.
.
- References:
- Re: DNS Client Config
- From: Barry Alan
- Re: DNS Client Config
- Prev by Date: Re: DNS Client Config
- Next by Date: Re: Whole zones were deleted after scavenging
- Previous by thread: Re: DNS Client Config
- Next by thread: Re: DNS Client Config
- Index(es):
Relevant Pages
|
