[Message Prev][Message
Next][Thread Prev][Thread Next][Message
Index][Thread Index]
Re: Re: [OT] Window 7 connecting to a Win 2003 Domain
May I ask, what's PICNIC?
Wayne.
On 24 Feb 2010, at 07:21, "Paul" <paul@xxxxxxx> wrote:
> As I say almost everyday 80% of "problems" with AD are
either DNS or
> permissions. The other 20% are PICNIC
>
> Paul
>
> --- In ukha_d@xxxxxxx, "Paul Gordon" <paul_gordon@...>
wrote:
>>
>> Ah, righto - welcome to the fun world of AD management.. Lesson
>> number 1 is
>> that DNS is absolutely fundamental to the very core of AD
>> operation...
>>
>> In the scenario you describe, DNS is almost certainly running on
>> the SBS
>> server and providing the DNS service to support the AD.
>>
>> Generally speaking, you almost always want to have ALL computers
>> that are
>> members of the domain (or want to be!)to use THAT as their primary
>> DNS -
>> Domain members have constant requirements to query for numerous
>> Active
>> Directory related resources, and if the clients can't query a DNS
>> that has
>> the AD's resource records all manner of things tend to go
screwy...
>>
>> There's no harm in setting the client to point to the SBS server
as
>> its
>> *primary* DNS, and the existing gateway/router as its secondary
>> DNS. I'm
>> assuming that DNS settings are currently dished out by the DHCP
>> service in
>> the router, so you almost certainly want to update the DHCP scope
>> options to
>> give correct DNS settings to all clients. This involves no change
to
>> existing network services, and is a perfectly safe operation that
>> should not
>> break anything... (provided you take care to ensure that queries
>> can still
>> get out to the internet by one of the methods mentioned below).
>>
>> I presume the router is actually performing as a DNS proxy to the
>> ISP's
>> external DNS service, hence why the clients currently all point to
>> it.
>>
>> What *I* would do in this environment, - based on what you've said
>> so far -
>> is...
>>
>> Confirm the SBS server is running DNS. This is almost certainly
the
>> case,
>> since AD services won't allow you to complete the installation
>> unless &
>> until you provide it with an AD-compliant DNS service. - (If AD
>> setup can't
>> find one on the network, it will offer to install DNS on the
server
>> you're
>> building and just use that)
>> Set the SBS servers' own DNS client settings to point to ITSELF as
>> its
>> primary DNS - ensure that it is set to "register this
connections
>> addresses
>> in DNS" - this is very likely already the case as the SBS
setup
>> probably
>> configured that automatically.
>> Set the DHCP scope on the router to give all other machines the
SBS
>> server
>> as their primary/preferred DNS server. Optionally set it to also
>> assign the
>> router as their secondary/alternate DNS server.
>> Configure the DNS Service running on the SBS server to use either
>> the router
>> *OR* if you know them, the ISP's external DNS addresses as
>> FORWARDERS - the
>> end result is the same, since the DNS in the router is almost
>> certainly just
>> proxying the queries onward to those ISP servers...
>> If you really felt inclined, you could do both: set the ISPs DNS
as a
>> forwarder on the SBS, *and* set the clients to use the router as a
>> secondary
>> DNS... - then client queries have two distinct routes to get out
to
>> the
>> external DNS...
>>
>> From a clients perspective, henceforth it will issue all DNS
>> queries to the
>> SBS server. - That's what you *need* to happen if the client is
>> looking for
>> AD resources... If the client is actually querying for something
>> external,
>> the DNS on the SBS server will forward the request, via the
router,
>> to the
>> ISP... If for some reason the server can't forward the request,
>> then if
>> you've also set the router as the clients secondary DNS, then
>> client can
>> then re-issue the query straight out that way...
>>
>> HTH
>>
>> Paul G.
>>
>>
>> -----Original Message-----
>> From: ukha_d@xxxxxxx [mailto:ukha_d@xxxxxxx] On
>> Behalf Of
>> Keith Doxey
>> Sent: 23 February 2010 18:34
>> To: ukha_d@xxxxxxx
>> Subject: RE: [ukha_d] [OT] Window 7 connecting to a Win 2003
Domain
>>
>> Thanks Simon, will look for a copy :)
>>
>> -----Original Message-----
>> From: ukha_d@xxxxxxx [mailto:ukha_d@xxxxxxx] On
>> Behalf Of
>> Simon Coates
>> Sent: 23 February 2010 17:55
>> To: ukha_d@xxxxxxx
>> Subject: Re: [ukha_d] [OT] Window 7 connecting to a Win 2003
Domain
>>
>> Keith,
>>
>> I can recommend 'Windows Server 2003' by Mark Minasi published by
>> Sybex -
>> extremely well written, and essential reading/reference if you're
>> going to
>> manage the server at work.
>>
>> Good luck.
>>
>> Simon
>>
>> ----- Original Message -----
>> From: Keith Doxey
>> To: ukha_d@xxxxxxx
>> Sent: 23 February 2010 17:49
>> Subject: RE: [ukha_d] [OT] Window 7 connecting to a Win 2003
Domain
>>
>>
>>
>> Hi Paul,
>>
>> Thanks for that. I guess *I* will be managing the AD from now on
>> as I was
>> taken on to cover IT related issues. At the moment the Router is
the
>> Gateway, DHCP server and DNS server for the network. Will have to
>> take a
>> close look at the setup to see what I can change without breaking
>> the
>> existing network.
>>
>> I now work for a telecoms firm and IP telephony is very important
>> so I
>> have
>> to be careful what I change on the router. Will have to discuss
it
>> with a
>> few people first but I am sure we will resolve it eventually.
>>
>> I guess the first step would be to tell the router that the
server
>> should
>> be
>> the DNS server. There is only one SBS2003 server in the network
>> which is
>> the
>> DC, the remaining machines in the company are all running XP Pro
>> atm.
>>
>> Regards
>>
>> Keith
>>
>> -----Original Message-----
>> From: ukha_d@xxxxxxx [mailto:ukha_d@xxxxxxx] On
>> Behalf Of
>> Paul Gordon
>> Sent: 23 February 2010 17:10
>> To: ukha_d@xxxxxxx
>> Subject: RE: [ukha_d] [OT] Window 7 connecting to a Win 2003
Domain
>>
>> Hey Keith... may I can help a little...
>>
>> You say DNS is handled by the internet router, - I'm extremely
>> sceptical
>> about this, - Active Directory depends absolutely on certain DNS
>> features:
>> SRV records and Dynamic updates, primarily come to mind.
(Although
>> technically, dynamic updates aren't actually mandatory for AD,
SRV
>> records
>> absolutely are).
>>
>> I've never heard of a DNS service in a router that supports these
>> features.
>> - Of course it might just be that I've led a sheltered life for
>> the last
>> few
>> years, and things do of course change, but nonetheless, until
>> confronted
>> with incontrovertible proof, I just don't believe that the router
is
>> providing AD DNS services to support the domain. I'll bet you
>> fiver right
>> here & now that DNS is installed & running on at least
one of the
>> domain
>> controllers in the domain... - you really need to set THAT DNS
>> service as
>> your primary DNS server in the Windows 7 client before you'll get
>> any
>> success trying to join the domain... - Your Windows 7 client will
be
>> querying its configured DNS for SRV records to locate various
>> service
>> connection points within the active directory; you need more than
>> just
>> name
>> resolution of the DC name to its IP Address, and you need to be
>> able to
>> much
>> more than just ping it...
>>
>> Go back to whomever is managing the AD, and get them to tell you
the
>> address
>> of an AD-compliant DNS server....
>>
>> Paul G.
>>
>> -----Original Message-----
>> From: ukha_d@xxxxxxx [mailto:ukha_d@xxxxxxx] On
>> Behalf Of
>> Keith Doxey
>> Sent: 23 February 2010 16:16
>> To: UKHA Discussion (UKHA Discussion)
>> Subject: [ukha_d] [OT] Window 7 connecting to a Win 2003 Domain
>>
>> HELP !!!.
>>
>> Hi All, just started an new job and trying but failing to get my
>> laptop to
>> connect to the domain under Windows 7. I did eventually succeed
>> under XP
>> yesterday after I entered details of
"<domain>.local" into both
>> the hosts
>> file and the LM hosts file as I was getting an error message
>> saying that
>> it
>> couldn't find a DNS entry for the domain controller.
>>
>> DNS is not handled by the windows server but by the internet
>> router. Since
>> adding the entries to the host files I can now ping successfully.
>>
>> I tried exactly the same under Win7 but it hasn't worked. I CAN
>> ping OK
>> and
>> also get further down the setup route but it fails at the final
step
>> complaining about DNS again.
>>
>> One more thing that was weird yesterday.... manually trying to
>> join the
>> domain failed but the wizard succeeded. No luck with either
method
>> in
>> Windows 7
>>
>> Any network guru got a clue as to what I am doing wrong ?
>>
>> Thanks
>>
>> Keith
>>
>> [Non-text portions of this message have been removed]
>>
>> ------------------------------------
>>
>> Yahoo! Groups Links
>>
>> ------------------------------------
>>
>> Yahoo! Groups Links
>>
>>
>>
>>
>>
>> [Non-text portions of this message have been removed]
>>
>>
>>
>> ------------------------------------
>>
>>
>> Yahoo! Groups Links
>>
>>
>>
>>
>>
>> ------------------------------------
>>
>>
>> Yahoo! Groups Links
>>
>>
>>
>>
>> No virus found in this incoming message.
>> Checked by AVG - www.avg.com
>> Version: 9.0.733 / Virus Database: 271.1.1/2700 - Release Date:
>> 02/23/10
>> 07:34:00
>>
>
>
>
>
> ------------------------------------
>
>
> Yahoo! Groups Links
>
>
>
------------------------------------
<*> Join the Automated Home Forums
http://www.automatedhome.co.uk/vbulletin/
UKHA_D Main Index |
UKHA_D Thread Index |
UKHA_D Home |
Archives Home
|