Removing ISA & DHCP, affects on DNS

  • Thread starter Thread starter Jeff
  • Start date Start date
J

Jeff

Hello all! I have two WIN2K A/D domain controllers on my network. One is
running DHCP, the other is running ISA. I am going to remove ISA & DHCP and
instead use a router. My questions are, what changes do I need to make on my
domain controllers once ISA and DHCP are removed? How do I configure DNS?
Thank you!
 
I am going to remove ISA & DHCP and instead use a router.
Your router will do DHCP?

Well, if yes, I suggest you configure the Router for DHCP first, authorize
it in AD, then stop DHCP on the current DC and TEST THOROUGHLY to be sure
that this Router is actually serving up IPs to requesting clients.

As for ISA, nothing special to do. Uninstall it and reconfigure your clients
to use the Router which I assume is also your firewall now.

If I have misunderstood you, please post back.
--
Sincerely,

Dèjì Akómöláfé, MCSE MCSA MCP+I
www.akomolafe.com
www.iyaburo.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
 
In Jeff <[email protected]> posted a question
Then Kevin replied below:
: Hello all! I have two WIN2K A/D domain controllers on my network. One
: is running DHCP, the other is running ISA. I am going to remove ISA &
: DHCP and instead use a router. My questions are, what changes do I
: need to make on my domain controllers once ISA and DHCP are removed?
: How do I configure DNS? Thank you!
:

Removing ISA is fine, you should not have to make DNS configuration changes,
as long as the DCs are pointing to the internal DNS server for DNS in their
TCP/IP settings. That goes for all machines as for as DNS is concerned.

But I would highly suggest that you leave DHCP on the DC and not let the
router do DHCP. You may move DHCP to a member server if you have one, but
not to the router. DHCP in Win2k supports API's for Active Directory and can
be Authorized in AD. It also supports DNS registration in DNS of machines
with legacy operating systems such as NT4 and Win9x.

Are the DCs multihomed?
If they are you should consider removing the second NIC or disabling it
multihomed DCs are problematic for DNS registration and can cause connection
failures due to the multiple subnets.
 
I am going to remove ISA & DHCP and instead use a router.
Your router will do DHCP?

Well, if yes, I suggest you configure the Router for DHCP first,
authorize it in AD, then stop DHCP on the current DC and TEST
THOROUGHLY to be sure that this Router is actually serving up IPs to
requesting clients.

As for ISA, nothing special to do. Uninstall it and reconfigure your
clients to use the Router which I assume is also your firewall now.

If I have misunderstood you, please post back.
Click to expand...


Deji, I would actually agree with Kevin to use MS DHCP since the APIs work
hand in hand with MS DDNS, especially for secure updates. Besides, there's
more configuration options in MS DHCP... Not to say the router is not a good
DHCP server, but rather would have limited config options and control over
it. I would rather use a router's DHCP for a home network...

Cheers!
;-)


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
I agree. That was why I purposedly asked him if he was sure that's is his
intention. That was also the reason for the "test thoroughly" suggestion.
But, again, I've been to many clients where decisions like this are made
primarily for some reasons that have nothing to do with technical
practicality. Who knows, the decision may be driven by the simple fact that
his CEO/CTO or some other big enchilada at his company happened to have
recently played golf with the Router's Vendor/SalesManager and the said
vendor has impressed it upon this guy's CEO/CTO that "you can't rely on
anything from MS. Our appliance is next generation. blah blah".

--
Sincerely,

Dèjì Akómöláfé, MCSE MCSA MCP+I
www.akomolafe.com
www.iyaburo.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
"Ace Fekay [MVP]"
 
I agree. That was why I purposedly asked him if he was sure that's is
his intention. That was also the reason for the "test thoroughly"
suggestion. But, again, I've been to many clients where decisions
like this are made primarily for some reasons that have nothing to do
with technical practicality. Who knows, the decision may be driven by
the simple fact that his CEO/CTO or some other big enchilada at his
company happened to have recently played golf with the Router's
Vendor/SalesManager and the said vendor has impressed it upon this
guy's CEO/CTO that "you can't rely on anything from MS. Our appliance
is next generation. blah blah".


Dèjì Akómöláfé, MCSE MCSA MCP+I
www.akomolafe.com
www.iyaburo.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
"Ace Fekay [MVP]"
Click to expand...

Yes, I must agree there too....and the CEO or CTO just got a gold lined
$10,000.00 golf club to seal the deal ....
:-)

Cheers!


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
Back
Top