_msdcs, _sites, _tcp etc. in forward lookup

  • Thread starter: Dave
Hi Dave,
Could you be more specific about what you want to do? I don't think I
understand what you mean by "manual forward lookup".
Do you mean to create these records manually in DNS?

Mac Ghani
 
Dave said:
Does anybody know how to create these directories when you create a
manual forward lookup?

It is possible to create these directories and the records in them, but it is
much easier and IMO better to allow dynamic updates in the zone and let
netlogon create them. If you use AD integrated you can use secure updates
only, so that only domain members can update the zone RRs.
 
Yes, the problem is I have two servers: server A = Dave.co.uk and server B =
Chris.com. They are on a LAN, server A = 192.168.1.1 and server B =
192.168.1.2, same subnet; each has AD and DNS installed and they are separate
trees. Now when I set up DNS on server A, for example, it automatically
installed a forward lookup for Dave.co.uk with directories _msdcs, _sites,
_tcp, _udp etc. I then created a new zone for server B, i.e. Chris.com. The
directories mentioned above were missing. I think this is some AD problem
because when I try to create a one-way trust with server B being the trusting
server it tells me it can not find the domain can not be contacted. I have
stored all info in AD when creating this setup. Can you help?
 
Dave said:
Yes, the problem is I have two servers: server A = Dave.co.uk and
server B = Chris.com. They are on a LAN, server A = 192.168.1.1 and
server B = 192.168.1.2, same subnet; each has AD and DNS installed and
they are separate trees. Now when I set up DNS on server A, for example, it
automatically installed a forward lookup for Dave.co.uk with
directories _msdcs, _sites, _tcp, _udp etc. I then created a new zone
for server B, i.e. Chris.com. The directories mentioned above were
missing. I think this is some AD problem because when I try to create
a one-way trust with server B being the trusting server it tells me it
can not find the domain can not be contacted. I have stored all info
in AD when creating this setup. Can you help?
I would recommend delegating these directories, and I use this method myself.
Like this: on the dave.co.uk DNS, with the chris.com zone, do this:
Open the chris.com zone and create a "glue" host with the machine name of the
chris.com DC, i.e. named serverB, and give it the IP of serverB.
Then right-click in the zone, select New Delegation, name it "_msdcs" (without
quotes), then give the FQDN of serverB.chris.com and the IP for the DNS
server. And so on for all the subzones.

You can use secondary zones; however, if you do, because of the continuous zone
updates you have with a dynamic zone, you may have runtime events logged on
the secondary DNS server.
 
The trouble is netlogon does not create them.
Kevin D. Goodknecht Sr. said:
It is possible to create these directories and the records in them, but it is
much easier and IMO better to allow dynamic updates in the zone and let
netlogon create them. If you use AD integrated you can use secure updates
only, so that only domain members can update the zone RRs.
 
First, make sure the DNS zone chris.com allows dynamic updates. To do this, open the properties of the zone and make sure that "Allow dynamic updates" is set to yes.

Next, verify that the primary DNS suffix of the DC for Chris.com is correct. To do this, right-click on My Computer and choose Properties. On the Network Identification tab, the full computer name should include chris.com. If not, there is a script that will correct this.

The last thing to check is that the DC for Chris.com points to the DNS server that hosts Chris.com. This is usually the box itself.

Thank you,
Mike Johnston[MSFT]
Microsoft Network Support
--

This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from which they originated.
 
Dave said:
This last attempt works. I created the delegation as asked and it is
fine. Thanks to all.
That's a good deal.
Since you have two completely different namespaces, sometimes you have to use
methods that are a little different.
If both servers were in the same domain they would have replicated the
zones, so I have found that delegating the AD subfolders works best in this
situation.
This way all clients can use both as DNS servers and the delegations make
sure they find the SRVs for the correct DC.
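
The delegation steps that resolved this thread, written as a script; this is an added example and not code from any of the posters. It assumes the `DnsServer` PowerShell module (Windows Server 2012 or later, newer than the DNS console used in the thread), that it is run on server A, and that the names and addresses are the ones Dave gave; the SRV names it checks are the standard DC locator records that netlogon registers.

```powershell
# Added example: run on server A (dave.co.uk DNS), which hosts a chris.com zone.
# Assumption: DnsServer module is available (Windows Server 2012 or later).
$Zone      = 'chris.com'
$DcName    = 'serverB'                # DC and DNS server for chris.com
$DcFqdn    = "$DcName.$Zone"
$DcAddress = '192.168.1.2'
$ServerA   = '192.168.1.1'
$SubZones  = '_msdcs', '_sites', '_tcp', '_udp'   # the AD subzones named in the thread

# 1. "Glue" host record so the delegation target resolves from this zone.
$glue = Get-DnsServerResourceRecord -ZoneName $Zone -Name $DcName -RRType A `
            -ErrorAction SilentlyContinue
if (-not $glue) {
    Add-DnsServerResourceRecordA -ZoneName $Zone -Name $DcName -IPv4Address $DcAddress
}

# 2. Delegate each AD subzone to serverB, skipping any that already exist.
foreach ($Sub in $SubZones) {
    $existing = Get-DnsServerZoneDelegation -Name $Zone -ChildZoneName $Sub `
                    -ErrorAction SilentlyContinue
    if (-not $existing) {
        Add-DnsServerZoneDelegation -Name $Zone -ChildZoneName $Sub `
            -NameServer $DcFqdn -IPAddress $DcAddress
    }
}

# 3. Confirm that clients asking server A are referred to serverB and
#    get the SRV records a trust or domain join needs.
$Checks = "_ldap._tcp.dc._msdcs.$Zone", "_ldap._tcp.$Zone", "_kerberos._tcp.$Zone"
foreach ($Name in $Checks) {
    try {
        $answers = Resolve-DnsName -Name $Name -Type SRV -Server $ServerA `
                       -DnsOnly -ErrorAction Stop |
                   Where-Object { $_.Section -eq 'Answer' }
        if ($answers) {
            $answers | ForEach-Object { "{0} -> {1}:{2}" -f $Name, $_.NameTarget, $_.Port }
        } else {
            Write-Warning "$Name returned no SRV answers; check registration on $DcFqdn"
        }
    } catch {
        # NXDOMAIN or timeout: the delegation or the netlogon registration is missing.
        Write-Warning "$Name did not resolve via ${ServerA}: $($_.Exception.Message)"
    }
}
```

If step 3 warns for every name, the records are missing on serverB itself, which is the case the dynamic update checks earlier in the thread address.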
 