dns and child domains

sally

hi,
for the last few days I've had problems with dns.
It kept stopping. So I set up a new active directory dns
on another domain controller. Altered dhcp to make this
one first choice. All well for a few hours.
Now I have a child domain that can't see any pcs in its
own domain or any other domains.
Active directory also now can't replicate and none of the
users on 98 clients are getting their passwords accepted.
Only error that's coming up is occasionally userenv 1000.
As the server can see machines if you type in their IP
addresses and the internet works, I think it must be DNS.
Help
 
Setting up DNS with a TRUE "tree of domains/zones" AND
doing Internet resolution can be a bit tricky.

Your machines (especially DCs) have to resolve potentially
every machine name in the tree which typically means the
DNS servers must RECURSE (or all the clients must point
to the "top level", i.e., parent DNS zone server).

If the DNS servers do actual recursion INTERNALLY, this
more or less screws up the chance for them to resolve THE
Internet.

There are means to fix this, but let's see if this message helps
you understand it first.
 
Hello All,

When you stated that "you can't see all of the pc" what do you mean?
See them in AD? See them via "My network places"? See them registered in
DNS?
Please specify if possible.

Shane Brasher
MCSE (2003,2000,NT),MCSA Security, N+, A+
Microsoft Technical Support

This posting is provided "AS IS" with no warranties, and confers no rights.
 
sally said:
hi,
for the last few days I've had problems with dns.
It kept stopping. So I set up a new active directory dns
on another domain controller. Altered dhcp to make this
one first choice. All well for a few hours.
Now I have a child domain that can't see any pcs in its
own domain or any other domains.
Active directory also now can't replicate and none of the
users on 98 clients are getting their passwords accepted.
Only error that's coming up is occasionally userenv 1000.
As the server can see machines if you type in their IP
addresses and the internet works, I think it must be DNS.
Help


I have a similar setup to yourself. I have a large forest with many levels
of child domain.
I can also do internet resolution without problems.
Ensure each of your child domains has a forwarder set to its parent DNS
server. Each domain should ideally look after its own DNS zone, with
delegation records at the parent.
For internet resolution the top level DNS should have its . zone deleted and
a forwarder set to your ISP's DNS.
This will allow each domain (DNS zone) to look after its own hosts. If not in
its own domain then it will forward to its parent and so on up the tree. If an
internet address then the top level will refer it to the ISP.


As well as setting up DNS, ensure your DHCP servers are configured to issue
the correct gateway addresses. There's no point resolving an external address
if you cannot contact it.
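
The forwarder layout described in the reply above, modelled as an added example that is not part of the thread or written by any of its posters. The server names, zone names and the `topology` helper are constructed for illustration, and the model ignores caching and root hints; it only traces where a query goes and shows how a leftover "." zone or a missing child forwarder breaks resolution.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Server:
    zones: set                        # zones hosted here; "." is a root zone
    forwarder: Optional[str] = None   # next server name, or "ISP"
    delegations: dict = field(default_factory=dict)  # child zone -> server

def best_match(qname, zones):
    """Longest zone that contains qname, or None."""
    hits = [z for z in zones
            if z == "." or qname == z or qname.endswith("." + z)]
    return max(hits, key=len) if hits else None

def trace(servers, start, qname):
    """Return (hops, outcome) for a query that enters at server `start`."""
    path, current = [], start
    while current not in path:
        path.append(current)
        srv = servers[current]
        child = best_match(qname, srv.delegations)
        zone = best_match(qname, srv.zones)
        if child and (zone is None or len(child) > len(zone)):
            current = srv.delegations[child]   # follow the delegation down
        elif zone == ".":
            # A server hosting "." believes it is the root and never forwards.
            return path, "dead end: root zone on " + current
        elif zone:
            return path, "answered by " + current
        elif srv.forwarder == "ISP":
            return path, "forwarded to ISP"
        elif srv.forwarder:
            current = srv.forwarder            # forward up the tree
        else:
            return path, "no forwarder on " + current
    return path, "forwarding loop at " + current

def topology(root_zone=False, sales_forwarder="dc-root"):
    """Constructed three-server tree: one parent, two child domains."""
    top = {"corp.example", "."} if root_zone else {"corp.example"}
    return {
        "dc-root": Server(top, "ISP", {"sales.corp.example": "dc-sales",
                                       "eng.corp.example": "dc-eng"}),
        "dc-sales": Server({"sales.corp.example"}, sales_forwarder),
        "dc-eng": Server({"eng.corp.example"}, "dc-root"),
    }

if __name__ == "__main__":
    for name in ("pc7.eng.corp.example", "www.example.org"):
        print(name, trace(topology(), "dc-sales", name))
```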
 