Archived from groups: microsoft.public.win2000.dns (
More info?)
Yes I know the cardinal rule, and why.
However when I was hired here, thats how it was.
It has taken some time to get to implementing
that change here. Of course since we had our
discussions before, my domain at home is
in 100% fine shape in that respect.
If ya's can't find the SRV record via ldap/dns
ya aren't gettin in too well.
..
"Ace Fekay [MVP]"
<PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> wrote in
message news:%23gPfptd0EHA.3364@TK2MSFTNGP12.phx.gbl...
> In news:asOod.29822$5b1.2635@newssvr17.news.prodigy.com,
> James W. Long <JamesLong@Dunhamshq.com> made a post then I commented below
>
> >>
> >> Have you forced updates for clients that cannot register into DNS
> >> under DHCP properties, DNS tab?
> >
> > sorry, you lost me on that one. I havent done a thing on any clients.
>
> That's not done on the clients. That's done in DHCP properties, DNS tab.
>
>
> > Are the clients ONLY using the internal DNS or is there
> >> a mixture of ISP's and internal DNS?
> >
> > unfortunately there IS a mix which I will be correcting next week.
>
> Did we at one time discuss this in the past in this newsgroup? That's a
> cardinal rule with AD and DNS. Here's a repost I use often to help
> understand AD and it's reliance on DNS, specifically the internal DNS
only.
> I hope it helps out...
>
> -------------------------------------
> AD & DNS:
> If you have your ISP's DNS addresses in your IP configuration (DCs and
> clients), they need to be REMOVED. This is what is
> causing the whole problem.
>
> Just a little background: AD uses DNS. DNS stores AD's resource and
service
> locations in the form of SRV records, hence how everything that is part of
> the domain will find resources in the domain. If the ISP's DNS is
configured
> in the any of the internal AD member machines' IP properties, (including
all
> client machines and DCs), the machines will be asking the ISP's DNS 'where
> is the domain controller for my domain?", whenever it needs to perform a
> function, (such as a logon request, replication request, querying and
> applying GPOs, etc). Unfortunately, the ISP's DNS does not have that info.
>
> If this is the current scenario, it is highly suggested and recommended to
> only use the internal DNS servers on the network that is hosting the AD
zone
> name. This applies to all machines, (DCs and clients). Believe me,
Internet
> resolution will still work with the use of the Root hints (as long as the
> root zone doesn't exist).
>
> However, for more effcient Internet resolution, it's HIGHLY recommended to
> configure a forwarder. If the forwarding option is grayed out, delete the
> Root zone (looks like a period). If not sure how to preform these two
tasks,
> please follow one of the two articles listed below, depending on your
> operating system. They show a step by step on how to perform these tasks:
>
> 323380 - HOW TO Configure DNS for Internet Access in Windows Server 2003 :
>
http://support.microsoft.com/?id=323380
>
> 300202 - HOW TO Configure DNS for Internet Access in Windows Server 2000 :
>
http://support.microsoft.com/?id=300202
>
>
> Some additional reading that may help:
>
> 825036 - Best practices for DNS client settings in Windows 2000 Server and
> in Windows Server 2003:
>
http://support.microsoft.com/default.aspx?scid=kb;en-us;825036
>
> DNS and AD (Windows 2000 & 2003) FAQ:
>
http://support.microsoft.com/?id=291382
>
> Domain Controller's Domain Name System Suffix Does Not Match Domain Name:
>
http://support.microsoft.com/?id=257623
>
> Clients cannot dynamically register DNS records in a single-label forward
> lookup zone:
>
http://support.microsoft.com/?id=826743
>
> __________________________
>
> Ace
>
>