Things to look out for in DNS

  • Thread starter Thread starter Mike K
  • Start date Start date
M

Mike K

We are starting our migration from NT 4.0 in the next few
months. Does anyone have advice or things you see people
doing wrong over and over? I don't want us to make the
same mistakes. We are going with a split-DNS design. (AD
inside, BIND as the slave)

Thanks
Mike
 
In
Mike K said:
We are starting our migration from NT 4.0 in the next few
months. Does anyone have advice or things you see people
doing wrong over and over? I don't want us to make the
same mistakes. We are going with a split-DNS design. (AD
inside, BIND as the slave)

Thanks
Mike
Click to expand...

Are you going to upgrade an NT4 or migrate by creating a new AD domain and
migrating the users?

The most common mistake in an NT4 upgrade is the domain suffix and Single
label domain names.
You need to know the DNS suffix of the AD domain in advance and put the
suffix in the domain suffix field on the NT4 TCP/IP properties BEFORE you
upgrade. Failing to do so will cause a disjointed name space in your AD
domain.

Your AD domain relies on DNS so you need a legal DNS name with a dot (".")
in it. Use a domain name like domainname.TLD (Replace the TLD with net, com,
org, or even local or lan.)
 
I think this might be the cause of the problem we are having. I can't
promote a new domain controller becuase it can't find our domain. I
am using MS DNS and have both servers pointed to it.

I wasn't here when the NT machine was upgraded. How can I tell if the
domain is disjointed and can it be fixed?

Jen
 
In
Jennifer Bates said:
I think this might be the cause of the problem we are having. I can't
promote a new domain controller becuase it can't find our domain. I
am using MS DNS and have both servers pointed to it.

I wasn't here when the NT machine was upgraded. How can I tell if the
domain is disjointed and can it be fixed?
Click to expand...
Look at your ipconfig /all, the Primary DNS suffix must be the same exact
name and spelling as the AD Domain name in ADU&C.
If it does not match it is called a disjointed name space because the domain
controller does not know where to register its SRV records. There is a fix
for this, you can contact MS support services for a script or email me
directly with your ipconfig /all and the domain name in ADU&C I generally
prefer to see a screen print of ADU&C for verification.

If it is a single label domain name you can make the registry entries from
this KB article to make the fix.
300684 - Information About Configuring Windows 2000 for Domains with
Single-Label DNS Names
http://support.microsoft.com/default.aspx?scid=kb;en-us;300684&FR=1
 
Thanks to all for the great info!!

Mike
-----Original Message-----
In
Look at your ipconfig /all, the Primary DNS suffix must be the same exact
name and spelling as the AD Domain name in ADU&C.
If it does not match it is called a disjointed name space because the domain
controller does not know where to register its SRV records. There is a fix
for this, you can contact MS support services for a script or email me
directly with your ipconfig /all and the domain name in ADU&C I generally
prefer to see a screen print of ADU&C for verification.

If it is a single label domain name you can make the registry entries from
this KB article to make the fix.
300684 - Information About Configuring Windows 2000 for Domains with
Single-Label DNS Names
http://support.microsoft.com/default.aspx?scid=kb;en- us;300684&FR=1








.
Click to expand...
 
Back
Top