Archived from groups: microsoft.public.win2000.setup
Hi. I'm trying to convert our organization from using Windows NT as its
primary domain controller, to using a nifty new Windows 2003 server box I
bought from Dell. I already had the rest of the network setup, running
pretty good. Other servers were (and still are used) for internet gateway,
file services (smb via Linux), and dialup services. What I'm having a
little trouble with is conceptually what to call our tree- or forest, or
whatever. Let's take the example of XYZ Cooling. We already have our web
site, xyzcooling.com, and it exists somewhere out on the internet hosted by
someone or other. Our mail services are handled by that same company. We
do have a static IP here at our site which is attached to our DSL and
internet gateway, however I've never really wanted to take on the burden of
dishing up email and web services. Also, I don't like the idea of
publishing our static IP for fear of some new sort of pingflood or whatever
they've come up with now.

When I go to name the AD server, say I'll call it XYZcooling, as the domain
name. Then, it seems to want a suffix - TLD? We tried .com, but then this
seems to create some confusion. If a user on my side of the firewall tries
to resolve xyzcooling.com, it determines that it's already defined in-house,
and won't go to our external web page. The consultant I am using thought it
would be appropriate to just change the TLD to '.prv', and that would solve
the problem.

Is this a proper way to solve this issue? I'm given to understand that
somehow or other, through routing tables or something, in the end it would
look something like this:

xyzcooling.com - resolves to the web server on the network. 132.222.222.121 or whatever..
xyz0000.xyzcooling.com - would be the AD controller.. (10.0.3.10 our internal network)
xyzNT01.xyzcooling.com - would be the old NT PDC (10.0.3.1 our internal network)
xyzRH02.xyzcooling.com - would be the beginning of my Linux Redhat boxes... Internet gateway (10.0.3.5)
.
.
.
etc...

In this scenario, the AD controller would be set up to do name resolution,
not the Linux gateway as it's set up right now. This way, I could tell the
AD controller to intercede if it gets an address like
xyzrh05.xyzcooling.com. This way, I never have to mess with the DNS record
for the internet.

Is this how I go about doing this? Is this reasonable? Perhaps to cut down
on network traffic being passed through the switch, gateway through
10.0.3.10, and 10.0.3.5, should I set up some sort of cable connection
between the AD controller and the internet gateway? I _don't_ feel
comfortable plugging my DSL modem into ws2003 and having it do the firewall.
At some point I'd like to somehow replace 10.0.3.1 and use that as the
address as the new AD controller. Is this necessary? I always liked having
the root be 1.

Finally, if I'm terribly mistaken on how this whole thing ought to be
set up, if there is some magic wizard that makes this whole thing work
perfectly the first time, let me know. I've fiddled around with the
Configure Your Server Wizard, but I'm still confused. I never find these
Microsoft Migration wizards are all they're cracked up to be anyway.

Thanks,
-BrianDP