How to set up DNS on 2000 Server?
Being in process of migrating an NT4 Domain/PDC to 2000 Server under enourmous pressure (our PDC disk system crashed a few hours ago and we´re running on an emergency server at the moment), though I had read a lot of information on that topic, I can´t figure out exactly, how to do it properly: It should be a single ...
Being in process of migrating an NT4 Domain/PDC to 2000 Server under enourmous pressure (our PDC disk system crashed a few hours ago and we´re running on an emergency server at the moment), though I had read a lot of information on that topic, I can´t figure out exactly, how to do it properly:
It should be a single forest/single domain/not external visible PDC. We are using a Cisco PIX FW/Router, DNS is used the one of our ISP respectively the DNS forwarder of the PIX.
For example: Domain name was (and should remain) xxx-domain
PDC server name was yyy-nt01
ip was 10.43.1.10/ff.ff.ff.00
gateway was 10.43.1.2
DNS was - whatever, an external ip address
What should I use best on AD name, Domain name (DNS name), regarding that the server will only serve internally?
And how should DNS server be set up properly (any hint on a step-by-step-list?)
thanks for any kind of help
Llion
It should be a single forest/single domain/not external visible PDC. We are using a Cisco PIX FW/Router, DNS is used the one of our ISP respectively the DNS forwarder of the PIX.
For example: Domain name was (and should remain) xxx-domain
PDC server name was yyy-nt01
ip was 10.43.1.10/ff.ff.ff.00
gateway was 10.43.1.2
DNS was - whatever, an external ip address
What should I use best on AD name, Domain name (DNS name), regarding that the server will only serve internally?
And how should DNS server be set up properly (any hint on a step-by-step-list?)
thanks for any kind of help
Llion
Participate on our website and join the conversation
This topic is archived. New comments cannot be posted and votes cannot be cast.
Responses to this topic
HOW TO: Replace the Current Primary DNS Server with a New Primary DNS Server in Windows Server 2003
http://support.microsoft.com/default.aspx?scid=kb;en-us;323383
HOW TO: Configure DNS for Internet Access in Windows Server 2003
http://support.microsoft.com/default.aspx?scid=kb;en-us;323380
HOW TO: Configure DNS in a New Workgroup Environment in Windows Server 2003
http://support.microsoft.com/default.aspx?scid=kb;en-us;324259
Internal DNS and External DNS can be the same name as well as dont have to be.
http://support.microsoft.com/default.aspx?scid=kb;en-us;323383
HOW TO: Configure DNS for Internet Access in Windows Server 2003
http://support.microsoft.com/default.aspx?scid=kb;en-us;323380
HOW TO: Configure DNS in a New Workgroup Environment in Windows Server 2003
http://support.microsoft.com/default.aspx?scid=kb;en-us;324259
Internal DNS and External DNS can be the same name as well as dont have to be.
The DNS issue here is pretty easy to fix, especially considering that it sounds like you don't have any internal DNS servers running at the moment.
The internal DNS name you use is completely up to you, there are a couple suggestions you might want to follow;
-First, you can use a subdomain or your current Internet domain name, meaning that if your Internet domain name is currently "company.com", you could use the domain name "AD.company.com" or "corp.company.com" to start the Active Directory structure.
-Second, you can use the ".local" namespace. So, if your company domain name again is "company.com", then your internal namespace would be "company.local"
I personally, prefer the ".local" namespace because it easily distinguishes internal vs. external resources. And the ".local" namespace is a private namespace that will not be resolved by any Internet DNS servers, it's like using a private address space (10.x.x.x, etc...)
When you install Active Directory on Windows 2000/2003 server, the AD Installation Wizard will ask for the address of your primary internal DNS server, if you don't have one the Wizard will setup one for you on the server you are installing AD on. This option works just fine.
To allow yourself Internet capability, all you need to do is configure your Internal DNS server to forward any unknown name resolution requests to your ISP's external DNS server. When you do this, your Internal DNS server will handle all internal name resolution for all local resources, and the ISP DNS server will handle all external name resolution for all Internet resources.
One thing though, when you have the AD-installation wizard install DNS for you, it will create a "." zone. You need to delete the "." zone to configure your DNS server to forward. The reason for this is because the "." zone references your DNS server as a root DNS server. Your DNS server is NOT a root DNS server sao you can safely delete the "." zone and the check box to enable forwarding will be available.
Good luck and enjoy! If you have any specific questions on this, let me know and I can go into further detail.
The internal DNS name you use is completely up to you, there are a couple suggestions you might want to follow;
-First, you can use a subdomain or your current Internet domain name, meaning that if your Internet domain name is currently "company.com", you could use the domain name "AD.company.com" or "corp.company.com" to start the Active Directory structure.
-Second, you can use the ".local" namespace. So, if your company domain name again is "company.com", then your internal namespace would be "company.local"
I personally, prefer the ".local" namespace because it easily distinguishes internal vs. external resources. And the ".local" namespace is a private namespace that will not be resolved by any Internet DNS servers, it's like using a private address space (10.x.x.x, etc...)
When you install Active Directory on Windows 2000/2003 server, the AD Installation Wizard will ask for the address of your primary internal DNS server, if you don't have one the Wizard will setup one for you on the server you are installing AD on. This option works just fine.
To allow yourself Internet capability, all you need to do is configure your Internal DNS server to forward any unknown name resolution requests to your ISP's external DNS server. When you do this, your Internal DNS server will handle all internal name resolution for all local resources, and the ISP DNS server will handle all external name resolution for all Internet resources.
One thing though, when you have the AD-installation wizard install DNS for you, it will create a "." zone. You need to delete the "." zone to configure your DNS server to forward. The reason for this is because the "." zone references your DNS server as a root DNS server. Your DNS server is NOT a root DNS server sao you can safely delete the "." zone and the check box to enable forwarding will be available.
Good luck and enjoy! If you have any specific questions on this, let me know and I can go into further detail.
