Re: Windows 2003 Question - doing some part time work for a friend

From: "Danny Sanders" <DSanders@xxxxxxxxxxxxxxx>
Date: Fri, 16 Feb 2007 14:53:44 -0700

Go to the properties of TCP/IP for the network adapter connecting the client
computer to the domain (Properties of my network places - Properties of the
NIC connecting you to the network - Properties of TCP/IP) and view the
entries for preferred DNS and alternate DNS.

Using your ISP's DNS server as "preferred" will cause long log in times and
using your ISP's DNS server as alternate will cause another set of problems.

You only want the IP address of the DNS server set up for the AD domain
listed here.

routers IP. I also have entered into that device, the isp's dns settings.
The linksys is giving DHCP out to everyone.

It looks like the Linksys is giving your AD clients the ISP's DNS servers IP
address. Change it to the DNS server set up for the AD domain. Possibly one
of the DCs. This right here is the root of all your problems.

When you log into an AD domain the client checks the DNS server listed in
the properties of TCP/IP to find SRV records for your AD domain.
Yours are looking on your ISP's DNS server. You don't want your ISP's public
(they give their DNS server IP address to all their clients) DNS server
holding the records that tell *everything* about your private domain. Your
ISP probably will not allow you to register records on their server.
What you do is set up you own DNS server to hold the DNS zone for your AD
domain. Register those sensitive private SRV records on a server under your
control. Point all your AD client to this server so only your AD clients can
find the resources on your domain. When your users log in, presumably it's
to do work. Their files are on the AD domain so you want them to search AD
first, you want your group policies to apply to their computers before they
do anything else. To do that they must find the DNS server that holds the
SRV records for the domain. Pointing them to your ISP causes them to search
for something that is not there. Point them to the DNS server for the AD
domain and they find the SRV records and group policy gets applied.

hth
DDS
"DefenderD90" <DefenderD90@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:547CF381-42B1-4737-A7F0-8B6AC86BF032@xxxxxxxxxxxxxxxx

"This is the ONLY place on an AD domain your ISP's DNS servers
should be listed. If it's on a client as the preferred DNS server it will
cause long log in times like you are seeing. If it is listed as alternate
it
will cause a whole other set of problems.
"

What do you mean by your last two sentences:

If it's on a client as the preferred DNS server it will
cause long log in times like you are seeing. If it is listed as alternate
it
will cause a whole other set of problems.

?

On the linksys BEFSX41, on the setup page, I have specified the router to
use the first ip in our block, the gateway, and the first usable host as
the
routers IP. I also have entered into that device, the isp's dns settings.
The linksys is giving DHCP out to everyone. I should tell each box on the
network to automatically pull an IP address, but manually specify the DNS
settings on each box yes? And each XP SP2 client should have the lan ip
of
the AD/PDC IP:, ie: 192.168.1.20(AD/DC).

I know this is leading to "setup your win2k3 server as a DNS server". is
it
hard w/ the GUI to configure these proper forwarding zones? I'm just
confused as to how clients get dns properly if they are pointed to the
DC/AD
server as the DNS server. Once the forwarding zones are setup correctly
on
the DNS configuration section on the windows 2003 server, how do the
clients
get this information. I know this is necessary for AD, but how does this
enable clients to still get to the outside world? This is taken care of
in
background traffic?

References:
- Re: Windows 2003 Question - doing some part time work for a friend
  - From: Danny Sanders

Prev by Date: Re: Server Rebooting
Next by Date: Re: FTP.exe creating .tmp files in c:\windows\system32???
Previous by thread: Re: Windows 2003 Question - doing some part time work for a friend
Next by thread: Old VB6 ActiveX Exe registered on Windows 2003 Server does not show both Objects in ActiveX Exe
Index(es):
- Date
- Thread

Relevant Pages

Re: userenv 1054 ratlos
... Please post an ipconfig /all from your DNS server and the ws. ... The DC for the network cant be found. ... message in the firewall logs, even if the client firewall is off, ... addition we found out that some ICMP packets of the client OUTGOING ...
(microsoft.public.windows.server.general)
Re: How to ICS WinXP-SP2? This should be simple! !ALMOST SOLVED!
... Internet and a FireWire connection for the home network. ... Make sure that the host is using the FireWire connection, ... DNS Server = none ... On the client, right click the FireWire connection and click Status ...
(microsoft.public.windowsxp.network_web)
Re: DNS stops working for external addresses after around an hour
... > as www.google.com or www.microsoft.com, however, the DNS server cannot ... > If this is the case, does the client DNS also point to the ISP DNS server? ... > network connectivity or the DNS service itself. ... > your DNS server and set the netmon to monitor the external NIC: ...
(microsoft.public.windows.server.dns)
Re: Server Shares Access
... | unable to browse the network via Network Places. ... Ask the user if he can ping the DC by name. ... configure the client to use the required dns server. ...
(microsoft.public.win2000.general)
Re: GPO problems
... It was the ISA 2004 firewall client. ... DNS settings and network properties on the server and client computers. ... > Service of SBS is configured to be the DNS server on the problematic ...
(microsoft.public.windows.server.sbs)