Re: Re: [OT] Window 7 connecting to a Win 2003 Domain

[Wayne Harrison <Wayne@xxxxxxxxxxxxxxx>]

Must admit to not coming across that one! Have use the ID 10t code on
several occations though :-)

Sent from my iPod

On 24 Feb 2010, at 08:59, "Paul Gordon"
<paul_gordon@xxxxxxx> wrote:

> Uncanny. - That almost *exactly* word-for-word what I say virtually
> every
> day as well....
>
> :-)
>
> P.
>
> -----Original Message-----
> From: ukha_d@xxxxxxx [mailto:ukha_d@xxxxxxx] On
> Behalf Of
> Paul
> Sent: 24 February 2010 07:21
> To: ukha_d@xxxxxxx
> Subject: [ukha_d] Re: [OT] Window 7 connecting to a Win 2003 Domain
>
> As I say almost everyday 80% of "problems" with AD are
either DNS or
> permissions. The other 20% are PICNIC
>
> Paul
>
> --- In ukha_d@xxxxxxx, "Paul Gordon" <paul_gordon@...>
wrote:
>>
>> Ah, righto - welcome to the fun world of AD management.. Lesson
>> number
>> 1 is that DNS is absolutely fundamental to the very core of AD
> operation...
>>
>> In the scenario you describe, DNS is almost certainly running on
the
>> SBS server and providing the DNS service to support the AD.
>>
>> Generally speaking, you almost always want to have ALL computers
that
>> are members of the domain (or want to be!)to use THAT as their
>> primary
>> DNS - Domain members have constant requirements to query for
numerous
>> Active Directory related resources, and if the clients can't query
a
>> DNS that has the AD's resource records all manner of things tend
to
>> go
> screwy...
>>
>> There's no harm in setting the client to point to the SBS server
as
>> its
>> *primary* DNS, and the existing gateway/router as its secondary
DNS.
>> I'm assuming that DNS settings are currently dished out by the
DHCP
>> service in the router, so you almost certainly want to update the
>> DHCP
>> scope options to give correct DNS settings to all clients. This
>> involves no change to existing network services, and is a
perfectly
>> safe operation that should not break anything... (provided you
take
>> care to ensure that queries can still get out to the internet by
>> one of
> the methods mentioned below).
>>
>> I presume the router is actually performing as a DNS proxy to the
>> ISP's external DNS service, hence why the clients currently all
>> point to
> it.
>>
>> What *I* would do in this environment, - based on what you've said
so
>> far - is...
>>
>> Confirm the SBS server is running DNS. This is almost certainly
the
>> case, since AD services won't allow you to complete the
installation
>> unless & until you provide it with an AD-compliant DNS
service. - (If
>> AD setup can't find one on the network, it will offer to install
DNS
>> on the server you're building and just use that) Set the SBS
servers'
>> own DNS client settings to point to ITSELF as its primary DNS -
>> ensure
>> that it is set to "register this connections addresses in
DNS" - this
>> is very likely already the case as the SBS setup probably
configured
>> that automatically.
>> Set the DHCP scope on the router to give all other machines the
SBS
>> server as their primary/preferred DNS server. Optionally set it to
>> also assign the router as their secondary/alternate DNS server.
>> Configure the DNS Service running on the SBS server to use either
the
>> router
>> *OR* if you know them, the ISP's external DNS addresses as
FORWARDERS
>> - the end result is the same, since the DNS in the router is
almost
>> certainly just proxying the queries onward to those ISP servers...
>> If you really felt inclined, you could do both: set the ISPs DNS
as a
>> forwarder on the SBS, *and* set the clients to use the router as a
>> secondary DNS... - then client queries have two distinct routes to
>> get
>> out to the external DNS...
>>
>> From a clients perspective, henceforth it will issue all DNS
queries
>> to the SBS server. - That's what you *need* to happen if the
client
>> is
>> looking for AD resources... If the client is actually querying for
>> something external, the DNS on the SBS server will forward the
>> request, via the router, to the ISP... If for some reason the
server
>> can't forward the request, then if you've also set the router as
the
>> clients secondary DNS, then client can then re-issue the query
>> straight
> out that way...
>>
>> HTH
>>
>> Paul G.
>>
>>
>> -----Original Message-----
>> From: ukha_d@xxxxxxx [mailto:ukha_d@xxxxxxx] On
>> Behalf
>> Of Keith Doxey
>> Sent: 23 February 2010 18:34
>> To: ukha_d@xxxxxxx
>> Subject: RE: [ukha_d] [OT] Window 7 connecting to a Win 2003
Domain
>>
>> Thanks Simon, will look for a copy :)
>>
>> -----Original Message-----
>> From: ukha_d@xxxxxxx [mailto:ukha_d@xxxxxxx] On
>> Behalf
>> Of Simon Coates
>> Sent: 23 February 2010 17:55
>> To: ukha_d@xxxxxxx
>> Subject: Re: [ukha_d] [OT] Window 7 connecting to a Win 2003
Domain
>>
>> Keith,
>>
>> I can recommend 'Windows Server 2003' by Mark Minasi published by
>> Sybex - extremely well written, and essential reading/reference if
>> you're going to manage the server at work.
>>
>> Good luck.
>>
>> Simon
>>
>>  ----- Original Message -----
>>  From: Keith Doxey
>>  To: ukha_d@xxxxxxx
>>  Sent: 23 February 2010 17:49
>>  Subject: RE: [ukha_d] [OT] Window 7 connecting to a Win 2003
Domain
>>
>>
>>
>>  Hi Paul,
>>
>>  Thanks for that. I guess *I* will be managing the AD from now on
>> as I
> was
>>  taken on to cover IT related issues. At the moment the Router is
the
>>  Gateway, DHCP server and DNS server for the network. Will have to
>> take a
>>  close look at the setup to see what I can change without breaking
>> the
>>  existing network.
>>
>>  I now work for a telecoms firm and IP telephony is very important
so
>> I have
>>  to be careful what I change on the router. Will have to discuss
it
>> with
> a
>>  few people first but I am sure we will resolve it eventually.
>>
>>  I guess the first step would be to tell the router that the
server
>> should be
>>  the DNS server. There is only one SBS2003 server in the network
>> which is the
>>  DC, the remaining machines in the company are all running XP Pro
>> atm.
>>
>>  Regards
>>
>>  Keith
>>
>>  -----Original Message-----
>>  From: ukha_d@xxxxxxx [mailto:ukha_d@xxxxxxx] On
>> Behalf
> Of
>>  Paul Gordon
>>  Sent: 23 February 2010 17:10
>>  To: ukha_d@xxxxxxx
>>  Subject: RE: [ukha_d] [OT] Window 7 connecting to a Win 2003
Domain
>>
>>  Hey Keith... may I can help a little...
>>
>>  You say DNS is handled by the internet router, - I'm extremely
>> sceptical
>>  about this, - Active Directory depends absolutely on certain DNS
> features:
>>  SRV records and Dynamic updates, primarily come to mind.
(Although
>>  technically, dynamic updates aren't actually mandatory for AD,
SRV
> records
>>  absolutely are).
>>
>>  I've never heard of a DNS service in a router that supports these
>> features.
>>  - Of course it might just be that I've led a sheltered life for
the
>> last few
>>  years, and things do of course change, but nonetheless, until
>> confronted
>>  with incontrovertible proof, I just don't believe that the router
is
>>  providing AD DNS services to support the domain. I'll bet you
fiver
> right
>>  here & now that DNS is installed & running on at least
one of the
>> domain
>>  controllers in the domain... - you really need to set THAT DNS
>> service
> as
>>  your primary DNS server in the Windows 7 client before you'll get
>> any
>>  success trying to join the domain... - Your Windows 7 client will
be
>>  querying its configured DNS for SRV records to locate various
>> service
>>  connection points within the active directory; you need more than
>> just name
>>  resolution of the DC name to its IP Address, and you need to be
able
>> to much
>>  more than just ping it...
>>
>>  Go back to whomever is managing the AD, and get them to tell you
the
>> address
>>  of an AD-compliant DNS server....
>>
>>  Paul G.
>>
>>  -----Original Message-----
>>  From: ukha_d@xxxxxxx [mailto:ukha_d@xxxxxxx] On
>> Behalf
> Of
>>  Keith Doxey
>>  Sent: 23 February 2010 16:16
>>  To: UKHA Discussion (UKHA Discussion)
>>  Subject: [ukha_d] [OT] Window 7 connecting to a Win 2003 Domain
>>
>>  HELP !!!.
>>
>>  Hi All, just started an new job and trying but failing to get my
>> laptop
> to
>>  connect to the domain under Windows 7. I did eventually succeed
>> under XP
>>  yesterday after I entered details of
"<domain>.local" into both the
> hosts
>>  file and the LM hosts file as I was getting an error message
saying
>> that it
>>  couldn't find a DNS entry for the domain controller.
>>
>>  DNS is not handled by the windows server but by the internet
router.
> Since
>>  adding the entries to the host files I can now ping successfully.
>>
>>  I tried exactly the same under Win7 but it hasn't worked. I CAN
ping
>> OK and
>>  also get further down the setup route but it fails at the final
step
>>  complaining about DNS again.
>>
>>  One more thing that was weird yesterday.... manually trying to
>> join the
>>  domain failed but the wizard succeeded. No luck with either
method
>> in
>>  Windows 7
>>
>>  Any network guru got a clue as to what I am doing wrong ?
>>
>>  Thanks
>>
>>  Keith
>>
>>  [Non-text portions of this message have been removed]
>>
>>  ------------------------------------
>>
>>  Yahoo! Groups Links
>>
>>  ------------------------------------
>>
>>  Yahoo! Groups Links
>>
>>
>>
>>
>>
>> [Non-text portions of this message have been removed]
>>
>>
>>
>> ------------------------------------
>>
>>
>> Yahoo! Groups Links
>>
>>
>>
>>
>>
>> ------------------------------------
>>
>>
>> Yahoo! Groups Links
>>
>>
>>
>>
>> No virus found in this incoming message.
>> Checked by AVG - www.avg.com
>> Version: 9.0.733 / Virus Database: 271.1.1/2700 - Release Date:
>> 02/23/10
>> 07:34:00
>>
>
>
>
>
> ------------------------------------
>
>
> Yahoo! Groups Links
>
>
>
>
>
>
> ------------------------------------
>
>
> Yahoo! Groups Links
>
>
>



------------------------------------

<*> Join the Automated Home Forums
http://www.automatedhome.co.uk/vbulletin/