Re: DHCP box and Windows 2003 Server Domain Controller documentation
- From: "Danny Sanders" <DSanders@xxxxxxxxxxxxxxx>
- Date: Mon, 10 Mar 2008 14:57:05 -0600
> * We installed the DNS services in our Domain Controller (Windows 2003
> Server) so the XP computers could see each other. I feel that this was a
> mistake as our Internet Service Provider is providing DNS services as well.
> So far, they haven't been in conflict. Not yet, anyway.
Actually this is correct. AD MUST have a DNS server set up for the AD
domain. AD clients must point to the DNS server set up for the AD domain
ONLY. AD DCs MUST register their SRV records in DNS so AD clients can find
them. You don't want your public ISP having anything to do with your
PRIVATE AD DNS records. You want your AD clients to look to your DNS server
first to be able to find resources on your domain. If they need resources
not on your domain (the entire Internet) you want to forward that request to
your ISP. In your case you would forward to your router which probably
forwards to your ISP.
> * We assigned a static IP address to our Domain Controller.
Correct
> * On the XP Computers, we explicitly set the primary DSN as our Domain
> Controller and the secondary DSN as our DHCP/Router box, so the computers
> could boot in a timely manner (without this, they don't do a thing for at
> least 30 seconds right after login). This made me question the effectiveness
> of the Dynamic Host Configuration Protocol.
I'm assuming you mean DNS not DSN? If so, pointing AD clients to a DNS server
that is not set up for the AD domain (your router) as primary will cause long
log in times. An AD client using a DNS server not set up for the AD domain
(your router) and using that DNS server as Alternate (the way you have it
set up) will cause a whole different set of problems. Mapped drives get
disconnected, if the Primary DNS server goes down and the AD client has to
use the alternate DNS server that is not set up for the AD domain you will
see long log in times when that server is used.
> could boot in a timely manner (without this, they don't do a thing for at
> least 30 seconds right after login). This made me question the effectiveness
> of the Dynamic Host Configuration Protocol.
Actually this is a DNS issue. An AD client MUST find the SRV records for
your domain in order to *find* the domain. That is why you need a DNS server
set up for the AD domain. You must use a DNS server that supports SRV
records. Does your router support SRV records? Most likely not.
Basic AD DNS setup is install DNS on the DC. Point the DC to itself for DNS
in the properties of TCP/IP. When the netlogon service runs the server will
register its SRV records the AD clients need to find, in DNS.
Point all AD clients to the DNS server set up for the AD domain ONLY. Servers
are AD clients also. This way AD clients will find the SRV records in the
DNS zone and login properly.
For Internet access configure the AD DNS server to forward requests and list
the (usually ISP's DNS server but in your case you should use the router).
This is the ONLY place on an AD domain where your ISP's (your router) should
be listed. Only as a forwarder.
I would suggest turning off the DHCP on the router and use the DHCP on the
Windows 2003 server. Use the router as a forwarder on your AD DNS server.
hth
DDS
"Tarh ik" <Tarhik@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:0285D5C8-E9F5-424B-A20F-DA56E7ABF23E@xxxxxxxxxxxxxxxx
> Hi Everybody!
> I'd really appreciate if someone could tell me about some documentation
> I could read in the Microsoft Web Site that will help me understand how the
> following four items can talk in the same language:
> * A Router/DHCP Box (call it a D-Link, a Cisco, a 3Com, a Linksys, etc)
> * Windows 2003 Server as a Domain Controller (with Active Directory)
> * Windows Vista
> * Windows XP
> The reason I'm asking is because we are doing some weird stuff to keep
> our network working, and although it works, these solutions might generate
> some issues in the future.
> Here is what we did:
> * We installed the DNS services in our Domain Controller (Windows 2003
> Server) so the XP computers could see each other. I feel that this was a
> mistake as our Internet Service Provider is providing DNS services as well.
> So far, they haven't been in conflict. Not yet, anyway.
> * We assigned a static IP address to our Domain Controller.
> * On the XP Computers, we explicitly set the primary DSN as our Domain
> Controller and the secondary DSN as our DHCP/Router box, so the computers
> could boot in a timely manner (without this, they don't do a thing for at
> least 30 seconds right after login). This made me question the effectiveness
> of the Dynamic Host Configuration Protocol.
> * On the Vista computer, we had to add the domain name as the suffix in the
> DSN configuration, so we could join it to the Domain.
> Someone told me that we needed to install the DHCP services in the
> Domain Server. That would mean to have two DHCP entities in the same network,
> which usually causes network disconnections - I know that by experience.
> These issues started when we migrated to Windows 2003 Server.
> Any help is greatly appreciated!!!
> Best Regards,
> Tarh Ik
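
The rule in the reply above (every DNS server a client lists must be able to return the domain's SRV records) can be checked per client. This is an added example, not part of the original posts: the domain name `corp.example.local` is a placeholder, and the `Get-DnsClientServerAddress` and `Resolve-DnsName` cmdlets it uses require Windows 8 / Server 2012 or later, so it does not run on the XP and 2003 machines in the thread.

```powershell
# Added example: test every DNS server this client lists for the AD
# DC-locator SRV record. The default domain name is a placeholder.
param(
    [string]$AdDomain = 'corp.example.local'   # assumption: replace with your AD DNS domain
)

# SRV record that the netlogon service on each DC registers in the AD zone
$srvName = "_ldap._tcp.dc._msdcs.$AdDomain"

# Flatten the per-interface DNS server lists into (interface, server) pairs
$servers = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses } |
    ForEach-Object {
        $nic = $_
        foreach ($addr in $nic.ServerAddresses) {
            [pscustomobject]@{ Interface = $nic.InterfaceAlias; Server = $addr }
        }
    }

# Ask each listed server directly, so a working primary cannot mask an
# alternate (for example the router) that knows nothing about the AD zone
$results = foreach ($entry in $servers) {
    try {
        $answer = Resolve-DnsName -Name $srvName -Type SRV `
            -Server $entry.Server -DnsOnly -ErrorAction Stop
        $dcs = @($answer | Where-Object { $_.Type -eq 'SRV' } |
            ForEach-Object { $_.NameTarget })
    } catch {
        $dcs = @()   # NXDOMAIN, timeout or refusal: server cannot locate a DC
    }
    [pscustomobject]@{
        Interface = $entry.Interface
        Server    = $entry.Server
        AnswersAD = ($dcs.Count -gt 0)
        DCs       = ($dcs -join ', ')
    }
}

$results | Format-Table -AutoSize

# Any server that fails the lookup should not be in the client's DNS list;
# it belongs only in the forwarder list on the AD DNS server.
$bad = @($results | Where-Object { -not $_.AnswersAD })
if ($bad.Count -gt 0) {
    Write-Warning ("DNS servers without AD SRV records: " +
        (($bad.Server | Select-Object -Unique) -join ', '))
}
```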