Announcement

Collapse
No announcement yet.

Active Directory Implementation

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Active Directory Implementation

    Dear All,

    I'm new to this forum, this is my first question asking in this forum.

    We are going to implement active directory in our office, now we are working in workgroup environment, i have some doubts in dns. now we are using the public ip add provided by isp on dns preferred and alternate tab on all client systems and server. if we implement the AD, i should give the ip add of AD server as a dns address on all clients. then where i give the old dns address, without this internet wont work. pls guide mw how to configure this.

    Thanks and Regards,
    R. Suriya Prakash,
    91-9884656863.

  • #2
    Re: Active Directory Implementation

    Configure a DNS forwarder with the ISP's DNS server address. Have you read Daniel's articles on this? They tell you everything you need to know...
    Gareth Howells

    BSc (Hons), MBCS, MCP, MCDST, ICCE

    Any advice is given in good faith and without warranty.

    Please give reputation points if somebody has helped you.

    "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

    "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.

    Comment


    • #3
      Re: Active Directory Implementation

      In actual fact you don't need to do anything if root hints is enabled.

      If your DNS server can't resolve DNS it will forward to the Root Hints server.

      Comment


      • #4
        Re: Active Directory Implementation

        I ask this just to clarify my own understanding, but when you promote a DNS server to a DC, or install DNS as part of the dcpromo process, doesn't it create a root dns zone effectively disabling root hints?

        Comment


        • #5
          Re: Active Directory Implementation

          No. You create a zone for your AD domain. You use root hints or forwarders to resolve other domains.
          Gareth Howells

          BSc (Hons), MBCS, MCP, MCDST, ICCE

          Any advice is given in good faith and without warranty.

          Please give reputation points if somebody has helped you.

          "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

          "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.

          Comment


          • #6
            Re: Active Directory Implementation

            What type of Internet connection do you use at your office? Do you have a firewall?

            1. During DCPROMO, you will be prompted to create a DNS server and necessary zones.

            2. On your DC's, the default behavior is for the root servers to be in the list (in another reply). Note: Root DNS servers will not talk to your Domain Controller, but redirect you to a another DNS server in the cloud.

            3. If you have a router/ firewall with NAT enabled, etc; it should intercept the DNS requests anyway, and will forward this on to it's configured DNS server (which normally you would want set as your ISP)

            4. Read Daniel's documents, as well as the Microsoft documentation on a small office deployment for Windows. There are a lot of security considerations you need to take into effect.

            Comment


            • #7
              Re: Active Directory Implementation

              If you are small enough to have a workgroup, look into SBS as all configuration will be done for you.

              With AD DNS, there are 2 sides -- internal name resolution (AD integrated) and external (forwarders are preferred but you can use root hints)
              Tom Jones
              MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
              PhD, MSc, FIAP, MIITT
              IT Trainer / Consultant
              Ossian Ltd
              Scotland

              ** Remember to give credit where credit is due and leave reputation points where appropriate **

              Comment

              Working...
              X