DNS Setup

[Phil Sigley]

Please help me as i am new to this, i administrate a
school network of around 300 machines. The domain is
allsaints.tameside.sch.uk the kids and teachers use
server.allsaints.tameside.sch.uk and the office staff use
admin.allsaints.tameside.sch.uk.

There is one DC for admin and 2 DCs for server, the
forward lookup zones in the DNS consoles on these servers
is as follows :

ADMIN :this has a forward lookup zone for
admin.allsaints.etc which contains a reference to that DC.

SERVER :the main DC has a foward lookup zone for
allsaints.tameside.sch.uk which contains references to all
the machines, and one for server.allsaints etc which just
references the DC. This DC is a bit botched.

I am putting new servers on the network and want to setup
the domain pupil.allsaints.tameside.sch.uk i want one of
these servers to be the main DNS server for the network
and soon after the server.allsaintsetc domain is going to
cease to exist along with its 2 DCs.

Could someone please help me along with what i need to do.
It would be most grateful.

Regards

Phil Sigley

 

[Ace Fekay [MVP]]

In

Please help me as i am new to this, i administrate a
school network of around 300 machines. The domain is
allsaints.tameside.sch.uk the kids and teachers use
server.allsaints.tameside.sch.uk and the office staff use
admin.allsaints.tameside.sch.uk.

There is one DC for admin and 2 DCs for server, the
forward lookup zones in the DNS consoles on these servers
is as follows :

ADMIN :this has a forward lookup zone for
admin.allsaints.etc which contains a reference to that DC.

SERVER :the main DC has a foward lookup zone for
allsaints.tameside.sch.uk which contains references to all
the machines, and one for server.allsaints etc which just
references the DC. This DC is a bit botched.

I am putting new servers on the network and want to setup
the domain pupil.allsaints.tameside.sch.uk i want one of
these servers to be the main DNS server for the network
and soon after the server.allsaintsetc domain is going to
cease to exist along with its 2 DCs.

Could someone please help me along with what i need to do.
It would be most grateful.

Regards

Phil Sigley

Phil, I'm sorry this is somewhate confusing and finding it difficult to
follow. I'm not sure what is a domain and what is a server in your
description. If you can break it down like this:

(just a sample):
In the allsaints.tameside.sch.uk domain, there are these servers:
server1 (domain controller and a DNS server)
server2 (domain controller and a DNS server)
admin (member server for file and print services)
server ( member server)

etc

And let us know if this is all one forest with 3 domains (a root and two
child domains?), or do you have separate forests or separate domains, etc.

One thing I can see is that:
pupil.allsaints.tameside.sch.uk
Iis a new domain you want to create. WIll this be a child domain, or a
domain in a separate forest?

Thanks!
--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

 

[Phil Sigley]

-----Original Message-----
In Phil Sigley <[email protected]> asked for help and I
offered my suggestions below:

Phil, I'm sorry this is somewhate confusing and finding it difficult to
follow. I'm not sure what is a domain and what is a server in your
description. If you can break it down like this:

(just a sample):
In the allsaints.tameside.sch.uk domain, there are these servers:
server1 (domain controller and a DNS server)
server2 (domain controller and a DNS server)
admin (member server for file and print services)
server ( member server)

etc

And let us know if this is all one forest with 3 domains (a root and two
child domains?), or do you have separate forests or separate domains, etc.

One thing I can see is that:
pupil.allsaints.tameside.sch.uk
Iis a new domain you want to create. WIll this be a child domain, or a
domain in a separate forest?

Thanks!
--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

Yes sorry i realise this must be confusing.

In the domain allsaints.tameside.sch.uk there is

DC1 (domain controller and DNS server)
DC2 (domain controller only)

In the domain admin there is (this is a totally
independent domain i have now realised)

adserver (domain controller and DNS server)

I have 2 new servers (X and Y).

I want allsaints.tameside.sch.uk as the domain and i want
pupil.allsaints.tameside.sch.uk as a child domain) all
this will run on X and Y.

DC1 and DC2 are going to be removed from the site
completly and all machines will be members of the chld
domain pupil.allsaints.tameside.sch.uk

I hope this is a bit clearer.

Phil Sigley

 

[Guest]

-----Original Message-----
child
domain, or a

Yes sorry i realise this must be confusing.

In the domain allsaints.tameside.sch.uk there is

DC1 (domain controller and DNS server)
DC2 (domain controller only)

In the domain admin there is (this is a totally
independent domain i have now realised)

adserver (domain controller and DNS server)

I have 2 new servers (X and Y).

I want allsaints.tameside.sch.uk as the domain and i want
pupil.allsaints.tameside.sch.uk as a child domain) all
this will run on X and Y.

DC1 and DC2 are going to be removed from the site
completly and all machines will be members of the chld
domain pupil.allsaints.tameside.sch.uk

I hope this is a bit clearer.

Phil Sigley
.

There is nothing on DC1 or DC2 that is critical as of this
coming monday so effectivly its like starting a new
network.

I want to create the allsaints.tameside.sch.uk with
pupil.allsaints.tameside.sch.uk as child this child is the
domain all the classroom computers will be members of.

Rgards

Phil Sigley

 

[Ace Fekay [MVP]]

In

There is nothing on DC1 or DC2 that is critical as of this
coming monday so effectivly its like starting a new
network.

I want to create the allsaints.tameside.sch.uk with
pupil.allsaints.tameside.sch.uk as child this child is the
domain all the classroom computers will be members of.

Rgards

Phil Sigley

Thanks for clearing that up a bit!

If you want to remove DC1 and DC2, then you are effectively removing the
allsaints.tameside.sch.uk, correct?

If you want to create the pupil domain as a child called
"pupil.allsaints.tameside.sch.uk", and you remove DC1 and DC2, which
effectively removes the "allsaints.tameside.sch.uk" domain, then this won't
be possible.

If this is the case, I'm still confused what domain will be the parent for
the new pupil odmain if you';re dumping the allsaints domain?

And this:
Is this is in a separate forest or in the same forest?
Is it part of tameside.sch.uk?
If so, is the domain FQDN called admin.tameside.sch.uk?




--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

 

[Phil Sigley]

"Ace Fekay [MVP]"

In


Thanks for clearing that up a bit!

If you want to remove DC1 and DC2, then you are effectively removing the
allsaints.tameside.sch.uk, correct?

If you want to create the pupil domain as a child called
"pupil.allsaints.tameside.sch.uk", and you remove DC1 and DC2, which
effectively removes the "allsaints.tameside.sch.uk" domain, then this won't
be possible.

If this is the case, I'm still confused what domain will be the parent for
the new pupil odmain if you';re dumping the allsaints domain?

And this:

Is this is in a separate forest or in the same forest?
Is it part of tameside.sch.uk?
If so, is the domain FQDN called admin.tameside.sch.uk?




--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

Yes it will be getting rid of the allsaints.tameside.sch.uk domain my
instrctions are to get rid of it and set up allsaints.tameside.sch.uk again
with pupil.allsaints.tameside.sch.uk as a child of this domain on the new
servers. All clients will then be added to the child domain. This is what i
dont know how to do, do i remove DC! and DC2 and just start afresh, no data
needs to be kept so i could. Or is there a better way? I was going to make X
and Y DCs for allsaints.tameside.sch.uk and demote DC1 and DC2 but i want to
create this child domain to keep things a bit tidier.

Admin is just admin?!?!? that is its full domain name it is the root of a
seperate forest (i think, im not well up on DNS), the story of why is a long
one but to cut it short it was built offsite and named the same as the
domains i run, this caused big trouble on the network at the time i
remember, eventually when my domain is set up as described i want them to
make it a child of allsaints.tameside.sch.uk. This to me seems logical, what
do you think???

Thanks for the help sp far

Phil Sigley

 

[Ace Fekay [MVP]]

In

Yes it will be getting rid of the allsaints.tameside.sch.uk domain my
instrctions are to get rid of it and set up allsaints.tameside.sch.uk
again with pupil.allsaints.tameside.sch.uk as a child of this domain
on the new servers. All clients will then be added to the child
domain. This is what i dont know how to do, do i remove DC! and DC2
and just start afresh, no data needs to be kept so i could. Or is
there a better way?

As long as allsaints.tameside.sch.uk is the parent and there are no current
child domains under it, and if you don't have anything else on there, no
user accounts, groups, etc.

I assume you are not running an Exchange and if so, and you want to delete
whatever users, you can use the Exmerge tool to pull the mailboxes out into
PSTs to use them for the new domain users.

Start fresh is the best way if you can do so.

I was going to make X and Y DCs for
allsaints.tameside.sch.uk and demote DC1 and DC2 but i want to create
this child domain to keep things a bit tidier.

Install DNS on each machine to be the DC
Point each DC's DNS in IP properties to its partner DC/DNS first, then
itself for the second entry.
Then promote the first as a new domain in a new forest called
allsaints.tameside.sch.uk domain.
Then promote the other machine as a replica DC in this domain.

Then setup the machines for the child domain, pupil.
Point their DNS settings to the two above DNS above.
Promote them as a new child domain under the allsaints domain.
Then once the first one is done, promote the other machine.

If pupil is across a WAN link, we can optimize DNS with delegations, but I
think you have it all in one building and doing this for security, since
domains are security boundaries anyway.

Admin is just admin?!?!? that is its full domain name it is the root
of a seperate forest (i think, im not well up on DNS), the story of
why is a long one but to cut it short it was built offsite and named
the same as the domains i run, this caused big trouble on the network
at the time i remember, eventually when my domain is set up as
described i want them to make it a child of
allsaints.tameside.sch.uk. This to me seems logical, what do you
think???

Seems that if it's in a separate forest, which according to what you're
saying, and you want it to be a child of allsaints, then that's fine, but it
has to be installed from scratch as a file, just can't move it over and make
it a child, which I'm sure you probably already know that part!

Thanks for the help sp far

Phil Sigley

Hope I understood everything and was able to help out.



--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

 

[Phil Sigley]

-----Original Message-----
In Phil Sigley <[email protected]> asked for help and I offered my
suggestions below:

As long as allsaints.tameside.sch.uk is the parent and there are no current
child domains under it, and if you don't have anything else on there, no
user accounts, groups, etc.

I assume you are not running an Exchange and if so, and you want to delete
whatever users, you can use the Exmerge tool to pull the mailboxes out into
PSTs to use them for the new domain users.

Start fresh is the best way if you can do so.



Install DNS on each machine to be the DC
Point each DC's DNS in IP properties to its partner DC/DNS first, then
itself for the second entry.
Then promote the first as a new domain in a new forest called
allsaints.tameside.sch.uk domain.
Then promote the other machine as a replica DC in this domain.

Then setup the machines for the child domain, pupil.
Point their DNS settings to the two above DNS above.
Promote them as a new child domain under the allsaints domain.
Then once the first one is done, promote the other machine.

If pupil is across a WAN link, we can optimize DNS with delegations, but I
think you have it all in one building and doing this for security, since
domains are security boundaries anyway.



Seems that if it's in a separate forest, which according to what you're
saying, and you want it to be a child of allsaints, then that's fine, but it
has to be installed from scratch as a file, just can't move it over and make
it a child, which I'm sure you probably already know that part!


Hope I understood everything and was able to help out.



--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

Thankyou, this has cleared things up for me somewhat, I
will follow this through and see what happens. Hopefully
it will go smoothly. Should do as i am on one site and not
a WAN and we dont run exchange.

As for admin it is about to have all the clients moved
over to xp from NT and a totally new version of MIS
software that runs on it is to be installed so i shall see
about getting it made a child then.

Thanks a lot for your help again, i would be very stuck
witout you.

Regards

Phil Sigley

 

[Phil Sigley]

Thankyou, this has cleared things up for me somewhat, I
will follow this through and see what happens. Hopefully
it will go smoothly. Should do as i am on one site and not
a WAN and we dont run exchange.

As for admin it is about to have all the clients moved
over to xp from NT and a totally new version of MIS
software that runs on it is to be installed so i shall see
about getting it made a child then.

Thanks a lot for your help again, i would be very stuck
witout you.

Regards

Phil Sigley

Sorry one last thing, do i need at least three servers to do what i want? or
can i use dns to create the parent and child domain on one server promote
that server as DC for the child and add the second server as second DC in
the child domain? is this possible? or would i need at least one server to
run as DC for allsaints.tameside.sch.uk and my two new servers as DCs for
pupil.allsaints.tameside.sch.uk.

 

[Ace Fekay [MVP]]

In

Thankyou, this has cleared things up for me somewhat, I
will follow this through and see what happens. Hopefully
it will go smoothly. Should do as i am on one site and not
a WAN and we dont run exchange.

As for admin it is about to have all the clients moved
over to xp from NT and a totally new version of MIS
software that runs on it is to be installed so i shall see
about getting it made a child then.

Thanks a lot for your help again, i would be very stuck
witout you.

Regards

Phil Sigley

No problem Phil.

One thing, didn't realize 'admin' domain was an NT4 domain. There's a tool
you can use called the ADMT tool to migrate the users to a new domain by
creating the new domain first (as a child of course according to your plans)
but one prob is if you name it the same, it won't work, among other things.
One thing you can do is upgrade the machine to W2k or W2k3 (forget which you
are going to) and opt to make it a child of your new allsaints domain root.



--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

 

[Ace Fekay [MVP]]

In

Sorry one last thing, do i need at least three servers to do what i
want? or can i use dns to create the parent and child domain on one
server promote that server as DC for the child and add the second
server as second DC in the child domain? is this possible? or would i
need at least one server to run as DC for allsaints.tameside.sch.uk
and my two new servers as DCs for pupil.allsaints.tameside.sch.uk.

Recommendation is to have at least two servers per domain for a couple of
reasons:
1. Fault tolerance and redundancy
2. The Infrastructure Master FSMO Role needs to be moved off the machine
that is a GC to the other machine in the domain. This really only is a
factor in a multi-domain environment, such as what you are planning.

If you need more info on how to do that, post back.

2 each Phil!!




--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.