Looking up computers through AD, DHCP, DNS in Windows world...


  • Looking up computers through AD, DHCP, DNS in Windows world...

    Hi,

    We have 100+ buildings scattered in a radius of 40 km. Each building is connected to HQ and has a dedicated IP range (1024 hosts). There are about 10-300 computers in a building, both thick and thin clients, laptops and desktops. They are named pc001, pc002 and so on. I run "dcpromo" to set up a Windows 2003 domain "example.com" with DHCP, DNS and WINS services at HQ.

    Now, what I wish to achieve is the following...

    If pc256 is at building 1, it should resolve to pc256.building1.example.com
    If pc256 is at building 2, it should resolve to pc256.building2.example.com
    :
    If pc256 is at building 100, it should resolve to pc256.building100.example.com

    ...regardless if pc256 is a member of the "example.com" windows 2003 domain or not.

    Is this possible in the Windows domain world? If so, how?

    Note: we've looked into it a bit, but from what we've seen / heard, this is not possible or recommended because in the Windows world, you must have a dedicated Windows domain for each DNS subzone. Another concern is that messing with the DNS can cause the Windows domain to break. Please confirm or provide a few tips about how it could be done. Thanks!

    A.

  • #2
    Re: Looking up computers through AD, DHCP, DNS in Windows world...

    This can't be done.
    Active Directory is closely related to the DNS naming convention.
    However, you can define in which DNS suffixes it would register (additionally).

    It will register itself (at least it will try) in the DNS zone of the domain the computer is a member of. This would mean that if you create a subdomain for every building, and your computer is a member of the domain Building1.example.com, it would register itself in that domain. If that computer is moved to another building, and the domain membership did not change, it will still register itself in Building1.example.com. Besides this, you can set a DNS suffix in which the client would register itself. If you define example.com as a DNS suffix, the client would try to register itself in the zone Building1.example.com and the zone Example.com.

    But if you are unsure which building it is in, you would have to register in all.

    Now, why do you want to achieve this?
    [Powershell]
    Start-DayDream
    Set-Location Malibu Beach
    Get-Drink
    Lay-Back
    Start-Sleep
    ....
    Wake-Up!
    Resume-Service
    Write-Warning
    [/Powershell]

    BLOG: Therealshrimp.blogspot.com



    • #3
      Re: Looking up computers through AD, DHCP, DNS in Windows world...

      There is one major question:
      WHY?
      Tom Jones
      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
      PhD, MSc, FIAP, MIITT
      IT Trainer / Consultant
      Ossian Ltd
      Scotland

      ** Remember to give credit where credit is due and leave reputation points where appropriate **



      • #4
        Re: Looking up computers through AD, DHCP, DNS in Windows world...

        Thanks for the answer so far. We do not wish to create new Windows domains for each building, that would be too much work. This is not what we want. We wish to have one single Windows domain which manages clients in different DNS zones (building1, building2, etc.).

        Why?
        We wish to segment the network (one IP range per building) so that we have full control/overview when it comes to the resources out there (without having to introduce another layer, 3rd party software, etc.). From the moment a computer comes on the network, I'd like to see at least which building it is in without having to manually translate its IP to meaningful info. Same goes when a computer starts making a mess, we'd like to see where it comes from just by reverse looking up its IP address.

        Thanks again.

        A.



        • #5
          Re: Looking up computers through AD, DHCP, DNS in Windows world...

          Part of the solution would be using AD sites and then using IP subnets to decide the site each building/floor etc. belong to. Only part of the solution but I'm sure others will add to this.



          • #6
            Re: Looking up computers through AD, DHCP, DNS in Windows world...

            Yeah, what Virtual said. That way the computers will be associated to the Sites based on their IP configuration. You could even add the Location attribute on the Subnets properties and that way you can use Printer location tracking.
            Caesar's cipher - 3

            ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

            SFX JNRS FC U6 MNGR



            • #7
              Re: Looking up computers through AD, DHCP, DNS in Windows world...

              Sounds like sites might be an approach. Do I have to set up a domain controller for each site? I hope not...

              How would I go about setting up the first building?

              Example:
              HQ is on 192.168.1.0/255.255.255.0
              Building #1 is 192.168.2.0/255.255.255.0
              Building #2 is 192.168.3.0/255.255.255.0
              ...and so on...

              What should be done on the domain controller? I guess I have to add a site in sites and services, add the IP range, etc. What about DNS?

              A.
              Last edited by allman2; 14th May 2009, 14:29. Reason: Typo.



              • #8
                Re: Looking up computers through AD, DHCP, DNS in Windows world...

                The best thing is to use sites for each subnet. You should have that set up anyway if you're using AD. You then give each machine a site location. You can even base the location you're giving it on the IP address that it has.

                So 192.168.1.0/24 would have a site of USA/MA/Boston/123 Main St
                192.168.2.0/24 would be USA/MA/Worcester/321 Oak St
                ... etc ...

                Each machine would be assigned an IP address that correlates with the Site/Location. Locations are set up something like this:

                USA/MA/Boston/123 Main St/2nd Floor/Rm 4/Joe Smith's Machine
                GoogleFu is strong with this one ^
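
Added example, not part of any post in this thread: a standalone Python lookup for the subnet-to-location mapping the replies above describe, producing the building label the original poster wants to see next to an address. The table, the nested `building2-lab` range and the sample records are constructed for illustration; the code does not query AD, DHCP or DNS.

```python
import ipaddress

# Constructed table: subnet -> location label, as you would record it on
# the AD subnet objects. Ranges follow the examples quoted in the thread.
SUBNETS = {
    "192.168.1.0/24": "hq",
    "192.168.2.0/24": "building1",
    "192.168.3.0/24": "building2",
    "192.168.3.192/26": "building2-lab",  # hypothetical nested range
}
NETWORKS = sorted(
    ((ipaddress.ip_network(cidr), label) for cidr, label in SUBNETS.items()),
    key=lambda item: item[0].prefixlen,
    reverse=True,  # most specific subnet is checked first
)

def locate(ip):
    """Return the location label for an address, or None if unmapped."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return None
    for net, label in NETWORKS:
        if addr in net:
            return label
    return None

def located_name(host, ip, domain="example.com"):
    """Build the host.location.domain label the original post asks for."""
    label = locate(ip)
    return f"{host}.{label}.{domain}" if label else None

def enrich(log_lines):
    """Annotate 'host ip' records; unmapped addresses are flagged for review."""
    out = []
    for line in log_lines:
        host, ip = line.split()
        out.append((host, ip, locate(ip) or "UNMAPPED"))
    return out

# Constructed sample records (hostname, source address).
SAMPLE = ["pc256 192.168.2.57", "pc256 192.168.3.10",
          "pc017 192.168.3.200", "pc900 10.9.8.7"]

if __name__ == "__main__":
    for row in enrich(SAMPLE):
        print(*row)
```

An address that falls outside every recorded subnet comes back as `UNMAPPED`, which is the case worth reviewing first when a machine "starts making a mess".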



                • #9
                  Re: Looking up computers through AD, DHCP, DNS in Windows world...

                  Originally posted by allman2:
                  Sounds like sites might be an approach. Do I have to set up a domain controller for each site? I hope not...

                  How would I go about setting up the first building?

                  Example:
                  HQ is on 192.168.1.0/255.255.255.0
                  Building #1 is 192.168.2.0/255.255.255.0
                  Building #2 is 192.168.3.0/255.255.255.0
                  ...and so on...

                  What should be done on the domain controller? I guess I have to add a site in sites and services, add the IP range, etc. What about DNS?

                  A.
                  Each site will need its own DC or alternatively, and I think I'm right with this, you can add 2 subnets to a particular site for its DC. Never done it before but assume it's feasible.
