DNS and Member Server


Leo

Hi all. I was trying to add a Windows 2000 server to an
already existing Windows 2000 domain as a member server.
This member server will function as a Web Server only.
Since I needed Exchange for email I needed to make the
server a member of my existing domain in order to be able
to set up Exchange 2003 (I do not think there is any other
way for Exchange to work). As it is right now, I have the
Web server as a standalone on a different subnet for
example:

192.168.2.100

the domain master is at

192.168.1.150

Now when I right click on my computer and try to *join*
the domain from the Web Server it won't let me. Obviously
because it's on a different subnet. Can someone tell me
how do I go about making this standalone web server a
member of the domain on a different subnet?

Thank you very much
 
Leo said:
Now when I right click on my computer and try to *join*
the domain from the Web Server it won't let me. Obviously
because it's on a different subnet. Can someone tell me
how do I go about making this standalone web server a
member of the domain on a different subnet?

Is there something routing packets? (Can you ping the domain
controller?) If not, that's the problem.

Otherwise it may be as simple as not having DNS configured on the
member server.

You're correct in thinking that AD is required to provide directory
services to Exchange 2003.
 
Hi Adam. Thank you for your reply. I have my servers
behind a firewall, and the gateway on the server is the IP
of the firewall, which I am now thinking might be the
problem (or not, I'll have to test it). The web server
will be sitting on a different interface on the firewall
(External Interface (DMZ), whereas the Domain Controller
sits on the Trusted interface), so now I am not sure if I
can join it to the domain at all.
 
I did install DNS on the member server. What should I put
on the Forward Lookup zone? Should I make it a standard
primary and add the Domain controller as one of the DNS
servers?
 
Leo said:
I did install DNS on the member server. What should I put
on the Forward Lookup zone? Should I make it a standard
primary and add the Domain controller as one of the DNS
servers?


What Adam is saying, is that you CANNOT use an ISP's DNS or your router as a
DNS address in any AD member machines' IP properties. AD needs DNS and you
should list (in DCs and clients) only the internal DNS, whichever DNS
is hosting the AD zone name for proper AD functionality. If you have
multiple internal DNS servers, hopefully they will all have an exact copy of
the AD zone name.

Otherwise, using something other than your internal DNS, it's guaranteed that
multiple errors WILL occur. This is a very common error when designing or
implementing AD without the (with all due respect) proper research.

Whatever zone you create, it can be an AD Integrated zone (this option only
avail on a DC, this is a writable copy) or a Primary zone (this is a
"writable" copy) or a secondary zone, which is a "read only" copy from
either an AD Integrated zone or a Primary zone that is transferred by the
"zone transfer" process.

Do you already have a DNS server with a copy of the AD zone, probably on your
DC? If so, just use this as your DNS address for your AD machines, no matter
what subnet it is on. This way when you try to join a domain (or numerous
other domain communication functions) it will contact DNS to ask it "where is
the domain", and it will respond. Now if you have your ISP's DNS in there,
guess what's going to happen? Nothing...you'll get a "can't find domain"
message, among other things.

For efficient Internet resolution, it's suggested that you configure a
forwarder (individually on each DNS server you have or just the DC if you
choose just to use that for now) to your ISP. If the forwarding option is
grayed out, remove the Root zone, and refresh the console and try again.
This article will explain these two steps.
http://support.microsoft.com/?id=300202


Hope that helps.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
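
As an added example (not part of the original thread): a PowerShell check that asks every DNS server configured on the machine the "where is the domain" question from the reply above, and flags any server that cannot answer it. The domain name `corp.example` is a placeholder, since the thread never names the domain, and the script assumes a Windows version that ships the DnsClient module (Windows 8 / Server 2012 or later).

```powershell
# Added example. $AdDomain is a placeholder; the thread never names the domain.
# Requires the DnsClient module (Windows 8 / Server 2012 or later).
$AdDomain = 'corp.example'
$SrvName  = "_ldap._tcp.dc._msdcs.$AdDomain"   # SRV record used to locate a DC

# Every IPv4 DNS server configured on any adapter of this machine.
$servers = Get-DnsClientServerAddress -AddressFamily IPv4 |
    ForEach-Object { $_.ServerAddresses } |
    Sort-Object -Unique

$report = foreach ($server in $servers) {
    try {
        # Ask this one server directly; -DnsOnly skips LLMNR/NetBIOS fallback.
        $answers = Resolve-DnsName -Name $SrvName -Type SRV -Server $server `
                       -DnsOnly -ErrorAction Stop
        $dcs = $answers |
            Where-Object { $_.Type -eq 'SRV' } |
            ForEach-Object { '{0}:{1}' -f $_.NameTarget, $_.Port }
        [pscustomobject]@{
            DnsServer         = $server
            CanLocateDomain   = [bool]$dcs
            DomainControllers = $dcs -join ', '
        }
    }
    catch {
        # NXDOMAIN, timeout, or a blocked path all end up here.
        [pscustomobject]@{
            DnsServer         = $server
            CanLocateDomain   = $false
            DomainControllers = "lookup failed: $($_.Exception.Message)"
        }
    }
}

$report | Format-Table -AutoSize

# A single server that cannot answer (an ISP resolver or a router, for
# example) is enough to cause intermittent "can't find domain" failures.
if ($report.CanLocateDomain -contains $false) {
    Write-Warning "At least one configured DNS server cannot locate $AdDomain."
}
```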
 