The UK Home Automation Archive

Archive Home
Group Home
Search Archive


Advanced Search

The UKHA-ARCHIVE IS CEASING OPERATIONS 31 DEC 2024


[Message Prev][Message Next][Thread Prev][Thread Next][Message Index][Thread Index]

RE: [OT] Window 7 connecting to a Win 2003 Domain



Ah, righto - welcome to the fun world of AD management.. Lesson number
1 is
that DNS is absolutely fundamental to the very core of AD operation...

In the scenario you describe, DNS is almost certainly running on the SBS
server and providing the DNS service to support the AD.

Generally speaking, you almost always want to have ALL computers that are
members of the domain (or want to be!)to use THAT as their primary DNS -
Domain members have constant requirements to query for numerous Active
Directory related resources, and if the clients can't query a DNS that has
the AD's resource records all manner of things tend to go screwy...

There's no harm in setting the client to point to the SBS server as its
*primary* DNS, and the existing gateway/router as its secondary DNS. I'm
assuming that DNS settings are currently dished out by the DHCP service in
the router, so you almost certainly want to update the DHCP scope options
to
give correct DNS settings to all clients. This involves no change to
existing network services, and is a perfectly safe operation that should
not
break anything... (provided you take care to ensure that queries can still
get out to the internet by one of the methods mentioned below).

I presume the router is actually performing as a DNS proxy to the ISP's
external DNS service, hence why the clients currently all point to it.

What *I* would do in this environment, - based on what you've said so far -
is...

Confirm the SBS server is running DNS. This is almost certainly the case,
since AD services won't allow you to complete the installation unless &
until you provide it with an AD-compliant DNS service. - (If AD setup can't
find one on the network, it will offer to install DNS on the server you're
building and just use that)
Set the SBS servers' own DNS client settings to point to ITSELF as its
primary DNS - ensure that it is set to "register this connections
addresses
in DNS" - this is very likely already the case as the SBS setup
probably
configured that automatically.
Set the DHCP scope on the router to give all other machines the SBS server
as their primary/preferred DNS server. Optionally set it to also assign the
router as their secondary/alternate DNS server.
Configure the DNS Service running on the SBS server to use either the
router
*OR* if you know them, the ISP's external DNS addresses as FORWARDERS - the
end result is the same, since the DNS in the router is almost certainly
just
proxying the queries onward to those ISP servers...
If you really felt inclined, you could do both: set the ISPs DNS as a
forwarder on the SBS, *and* set the clients to use the router as a
secondary
DNS... - then client queries have two distinct routes to get out to the
external DNS...

>From a clients perspective, henceforth it will issue all DNS queries to
the
SBS server. - That's what you *need* to happen if the client is looking for
AD resources... If the client is actually querying for something external,
the DNS on the SBS server will forward the request, via the router, to the
ISP... If for some reason the server can't forward the request, then if
you've also set the router as the clients secondary DNS, then client can
then re-issue the query straight out that way...

HTH

Paul G.


-----Original Message-----
From: ukha_d@xxxxxxx [mailto:ukha_d@xxxxxxx] On Behalf Of
Keith Doxey
Sent: 23 February 2010 18:34
To: ukha_d@xxxxxxx
Subject: RE: [ukha_d] [OT] Window 7 connecting to a Win 2003 Domain

Thanks Simon, will look for a copy :)

-----Original Message-----
From: ukha_d@xxxxxxx [mailto:ukha_d@xxxxxxx] On Behalf Of
Simon Coates
Sent: 23 February 2010 17:55
To: ukha_d@xxxxxxx
Subject: Re: [ukha_d] [OT] Window 7 connecting to a Win 2003 Domain

Keith,

I can recommend 'Windows Server 2003' by Mark Minasi published by Sybex -
extremely well written, and essential reading/reference if you're going to
manage the server at work.

Good luck.

Simon

----- Original Message -----
From: Keith Doxey
To: ukha_d@xxxxxxx
Sent: 23 February 2010 17:49
Subject: RE: [ukha_d] [OT] Window 7 connecting to a Win 2003 Domain



Hi Paul,

Thanks for that. I guess *I* will be managing the AD from now on as I was
taken on to cover IT related issues. At the moment the Router is the
Gateway, DHCP server and DNS server for the network. Will have to take a
close look at the setup to see what I can change without breaking the
existing network.

I now work for a telecoms firm and IP telephony is very important so I
have
to be careful what I change on the router. Will have to discuss it with a
few people first but I am sure we will resolve it eventually.

I guess the first step would be to tell the router that the server should
be
the DNS server. There is only one SBS2003 server in the network which is
the
DC, the remaining machines in the company are all running XP Pro atm.

Regards

Keith

-----Original Message-----
From: ukha_d@xxxxxxx [mailto:ukha_d@xxxxxxx] On Behalf Of
Paul Gordon
Sent: 23 February 2010 17:10
To: ukha_d@xxxxxxx
Subject: RE: [ukha_d] [OT] Window 7 connecting to a Win 2003 Domain

Hey Keith... may I can help a little...

You say DNS is handled by the internet router, - I'm extremely sceptical
about this, - Active Directory depends absolutely on certain DNS features:
SRV records and Dynamic updates, primarily come to mind. (Although
technically, dynamic updates aren't actually mandatory for AD, SRV records
absolutely are).

I've never heard of a DNS service in a router that supports these
features.
- Of course it might just be that I've led a sheltered life for the last
few
years, and things do of course change, but nonetheless, until confronted
with incontrovertible proof, I just don't believe that the router is
providing AD DNS services to support the domain. I'll bet you fiver right
here & now that DNS is installed & running on at least one of the
domain
controllers in the domain... - you really need to set THAT DNS service as
your primary DNS server in the Windows 7 client before you'll get any
success trying to join the domain... - Your Windows 7 client will be
querying its configured DNS for SRV records to locate various service
connection points within the active directory; you need more than just
name
resolution of the DC name to its IP Address, and you need to be able to
much
more than just ping it...

Go back to whomever is managing the AD, and get them to tell you the
address
of an AD-compliant DNS server....

Paul G.

-----Original Message-----
From: ukha_d@xxxxxxx [mailto:ukha_d@xxxxxxx] On Behalf Of
Keith Doxey
Sent: 23 February 2010 16:16
To: UKHA Discussion (UKHA Discussion)
Subject: [ukha_d] [OT] Window 7 connecting to a Win 2003 Domain

HELP !!!.

Hi All, just started an new job and trying but failing to get my laptop to
connect to the domain under Windows 7. I did eventually succeed under XP
yesterday after I entered details of "<domain>.local" into
both the hosts
file and the LM hosts file as I was getting an error message saying that
it
couldn't find a DNS entry for the domain controller.

DNS is not handled by the windows server but by the internet router. Since
adding the entries to the host files I can now ping successfully.

I tried exactly the same under Win7 but it hasn't worked. I CAN ping OK
and
also get further down the setup route but it fails at the final step
complaining about DNS again.

One more thing that was weird yesterday.... manually trying to join the
domain failed but the wizard succeeded. No luck with either method in
Windows 7

Any network guru got a clue as to what I am doing wrong ?

Thanks

Keith

[Non-text portions of this message have been removed]

------------------------------------


UKHA_D Main Index | UKHA_D Thread Index | UKHA_D Home | Archives Home

Comments to the Webmaster are always welcomed, please use this contact form . Note that as this site is a mailing list archive, the Webmaster has no control over the contents of the messages. Comments about message content should be directed to the relevant mailing list.