[Message Prev][Message
Next][Thread Prev][Thread Next][Message
Index][Thread Index]
RE: Re: [OT] Window 7 connecting to a Win 2003 Domain
Uncanny. - That almost *exactly* word-for-word what I say virtually
every
day as well....
:-)
P.
-----Original Message-----
From: ukha_d@xxxxxxx [mailto:ukha_d@xxxxxxx] On Behalf Of
Paul
Sent: 24 February 2010 07:21
To: ukha_d@xxxxxxx
Subject: [ukha_d] Re: [OT] Window 7 connecting to a Win 2003 Domain
As I say almost everyday 80% of "problems" with AD are either DNS
or
permissions. The other 20% are PICNIC
Paul
--- In ukha_d@xxxxxxx, "Paul Gordon" <paul_gordon@...>
wrote:
>
> Ah, righto - welcome to the fun world of AD management.. Lesson number
> 1 is that DNS is absolutely fundamental to the very core of AD
operation...
>
> In the scenario you describe, DNS is almost certainly running on the
> SBS server and providing the DNS service to support the AD.
>
> Generally speaking, you almost always want to have ALL computers that
> are members of the domain (or want to be!)to use THAT as their primary
> DNS - Domain members have constant requirements to query for numerous
> Active Directory related resources, and if the clients can't query a
> DNS that has the AD's resource records all manner of things tend to go
screwy...
>
> There's no harm in setting the client to point to the SBS server as
> its
> *primary* DNS, and the existing gateway/router as its secondary DNS.
> I'm assuming that DNS settings are currently dished out by the DHCP
> service in the router, so you almost certainly want to update the DHCP
> scope options to give correct DNS settings to all clients. This
> involves no change to existing network services, and is a perfectly
> safe operation that should not break anything... (provided you take
> care to ensure that queries can still get out to the internet by one
of
the methods mentioned below).
>
> I presume the router is actually performing as a DNS proxy to the
> ISP's external DNS service, hence why the clients currently all point
to
it.
>
> What *I* would do in this environment, - based on what you've said so
> far - is...
>
> Confirm the SBS server is running DNS. This is almost certainly the
> case, since AD services won't allow you to complete the installation
> unless & until you provide it with an AD-compliant DNS service. -
(If
> AD setup can't find one on the network, it will offer to install DNS
> on the server you're building and just use that) Set the SBS servers'
> own DNS client settings to point to ITSELF as its primary DNS - ensure
> that it is set to "register this connections addresses in
DNS" - this
> is very likely already the case as the SBS setup probably configured
> that automatically.
> Set the DHCP scope on the router to give all other machines the SBS
> server as their primary/preferred DNS server. Optionally set it to
> also assign the router as their secondary/alternate DNS server.
> Configure the DNS Service running on the SBS server to use either the
> router
> *OR* if you know them, the ISP's external DNS addresses as FORWARDERS
> - the end result is the same, since the DNS in the router is almost
> certainly just proxying the queries onward to those ISP servers...
> If you really felt inclined, you could do both: set the ISPs DNS as a
> forwarder on the SBS, *and* set the clients to use the router as a
> secondary DNS... - then client queries have two distinct routes to get
> out to the external DNS...
>
> From a clients perspective, henceforth it will issue all DNS queries
> to the SBS server. - That's what you *need* to happen if the client is
> looking for AD resources... If the client is actually querying for
> something external, the DNS on the SBS server will forward the
> request, via the router, to the ISP... If for some reason the server
> can't forward the request, then if you've also set the router as the
> clients secondary DNS, then client can then re-issue the query
straight
out that way...
>
> HTH
>
> Paul G.
>
>
> -----Original Message-----
> From: ukha_d@xxxxxxx [mailto:ukha_d@xxxxxxx] On Behalf
> Of Keith Doxey
> Sent: 23 February 2010 18:34
> To: ukha_d@xxxxxxx
> Subject: RE: [ukha_d] [OT] Window 7 connecting to a Win 2003 Domain
>
> Thanks Simon, will look for a copy :)
>
> -----Original Message-----
> From: ukha_d@xxxxxxx [mailto:ukha_d@xxxxxxx] On Behalf
> Of Simon Coates
> Sent: 23 February 2010 17:55
> To: ukha_d@xxxxxxx
> Subject: Re: [ukha_d] [OT] Window 7 connecting to a Win 2003 Domain
>
> Keith,
>
> I can recommend 'Windows Server 2003' by Mark Minasi published by
> Sybex - extremely well written, and essential reading/reference if
> you're going to manage the server at work.
>
> Good luck.
>
> Simon
>
> ----- Original Message -----
> From: Keith Doxey
> To: ukha_d@xxxxxxx
> Sent: 23 February 2010 17:49
> Subject: RE: [ukha_d] [OT] Window 7 connecting to a Win 2003 Domain
>
>
>
> Hi Paul,
>
> Thanks for that. I guess *I* will be managing the AD from now on as
I
was
> taken on to cover IT related issues. At the moment the Router is the
> Gateway, DHCP server and DNS server for the network. Will have to
take a
> close look at the setup to see what I can change without breaking
the
> existing network.
>
> I now work for a telecoms firm and IP telephony is very important so
> I have
> to be careful what I change on the router. Will have to discuss it
with
a
> few people first but I am sure we will resolve it eventually.
>
> I guess the first step would be to tell the router that the server
> should be
> the DNS server. There is only one SBS2003 server in the network
> which is the
> DC, the remaining machines in the company are all running XP Pro
atm.
>
> Regards
>
> Keith
>
> -----Original Message-----
> From: ukha_d@xxxxxxx [mailto:ukha_d@xxxxxxx] On Behalf
Of
> Paul Gordon
> Sent: 23 February 2010 17:10
> To: ukha_d@xxxxxxx
> Subject: RE: [ukha_d] [OT] Window 7 connecting to a Win 2003 Domain
>
> Hey Keith... may I can help a little...
>
> You say DNS is handled by the internet router, - I'm extremely
sceptical
> about this, - Active Directory depends absolutely on certain DNS
features:
> SRV records and Dynamic updates, primarily come to mind. (Although
> technically, dynamic updates aren't actually mandatory for AD, SRV
records
> absolutely are).
>
> I've never heard of a DNS service in a router that supports these
> features.
> - Of course it might just be that I've led a sheltered life for the
> last few
> years, and things do of course change, but nonetheless, until
confronted
> with incontrovertible proof, I just don't believe that the router is
> providing AD DNS services to support the domain. I'll bet you fiver
right
> here & now that DNS is installed & running on at least one
of the domain
> controllers in the domain... - you really need to set THAT DNS
service
as
> your primary DNS server in the Windows 7 client before you'll get
any
> success trying to join the domain... - Your Windows 7 client will be
> querying its configured DNS for SRV records to locate various
service
> connection points within the active directory; you need more than
> just name
> resolution of the DC name to its IP Address, and you need to be able
> to much
> more than just ping it...
>
> Go back to whomever is managing the AD, and get them to tell you the
> address
> of an AD-compliant DNS server....
>
> Paul G.
>
> -----Original Message-----
> From: ukha_d@xxxxxxx [mailto:ukha_d@xxxxxxx] On Behalf
Of
> Keith Doxey
> Sent: 23 February 2010 16:16
> To: UKHA Discussion (UKHA Discussion)
> Subject: [ukha_d] [OT] Window 7 connecting to a Win 2003 Domain
>
> HELP !!!.
>
> Hi All, just started an new job and trying but failing to get my
laptop
to
> connect to the domain under Windows 7. I did eventually succeed
under XP
> yesterday after I entered details of
"<domain>.local" into both the
hosts
> file and the LM hosts file as I was getting an error message saying
> that it
> couldn't find a DNS entry for the domain controller.
>
> DNS is not handled by the windows server but by the internet router.
Since
> adding the entries to the host files I can now ping successfully.
>
> I tried exactly the same under Win7 but it hasn't worked. I CAN ping
> OK and
> also get further down the setup route but it fails at the final step
> complaining about DNS again.
>
> One more thing that was weird yesterday.... manually trying to join
the
> domain failed but the wizard succeeded. No luck with either method
in
> Windows 7
>
> Any network guru got a clue as to what I am doing wrong ?
>
> Thanks
>
> Keith
>
> [Non-text portions of this message have been removed]
>
> ------------------------------------
>
> Yahoo! Groups Links
>
> ------------------------------------
>
> Yahoo! Groups Links
>
>
>
>
>
> [Non-text portions of this message have been removed]
>
>
>
> ------------------------------------
>
>
> Yahoo! Groups Links
>
>
>
>
>
> ------------------------------------
>
>
> Yahoo! Groups Links
>
>
>
>
> No virus found in this incoming message.
> Checked by AVG - www.avg.com
> Version: 9.0.733 / Virus Database: 271.1.1/2700 - Release Date:
> 02/23/10
> 07:34:00
>
------------------------------------
UKHA_D Main Index |
UKHA_D Thread Index |
UKHA_D Home |
Archives Home
|