windows 2003 dns vs windows 2000 dns

  • windows 2003 dns vs windows 2000 dns

    is DNS in windows 2003 structure different from windows 2000 dns structure?

    because i have another windows 2003 child domain (domain function level 2003) and it's a child of a windows 2000 (mixed domain level) forest.

    now in my dns for windows 2003,

    i don't have a _msdc.<forest root domain>

    folder in my fwd lookup. which is very strange and i'm not sure why that is so. I have that folder on all of our windows 2000 child domains however.


    now as far as i can see, the windows 2003 domain functions fine. It has no problems with the forest root dc servers, but it does have replication issues with the child domains dcs on the same forest. Now i don't know if this is the cause or is windows 2003 dns servers no longer have the _msdc.<forest root domain> folder.


    not sure what's going on here.

  • #2
    Re: windows 2003 dns vs windows 2000 dns

    This is probably related to the previous problem, right? It certainly seems to explain things.

    There are important differences between w2000 and w2003 DNS. W2003 has additional zone types, with scopes replicating to the whole forest, or to all DNS servers (not: all DCs) in the domain.

    now in my dns for windows 2003,

    i don't have a _msdc.<forest root domain>

    folder in my fwd lookup. which is very strange and i'm not sure why that is so. I have that folder on all of our windows 2000 child domains however.
    So your forest root domain is W2000, correct? That explains why you don't have the _msdcs.forestroot in the W2003 domain. In w2000, the replication scope of this zone is the domain only. If you see the same zone on the W2000 children, those must be replicas (secondary zones) because of the same reason. You can fix the W2003 domain by adding a secondary zone of the _msdcs.forestroot.

    now as far as i can see, the windows 2003 domain functions fine. It has no problems with the forest root dc servers, but it does have replication issues with the child domains dcs on the same forest. Now i don't know if this is the cause or is windows 2003 dns servers no longer have the _msdc.<forest root domain> folder.
    This also indicates DNS problems. I get the strong feeling that you have no proper delegation and forwarder structure in place. That makes it impossible for any host to resolve any other host, which is a must-have in an AD forest.

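The fix suggested in reply #2, written out as commands run on the Windows 2003 DNS server. This is an added example, not part of the original posts; the forest name and both IP addresses are placeholders, and it assumes `dnscmd` from the Windows Support Tools is installed and that the forest root DNS server permits zone transfers to this server.

```batch
@echo off
rem Added example. All three values below are placeholders, not from the thread.
set FOREST=forestroot.example
set ROOTDNS=192.0.2.10
set LOCALDNS=127.0.0.1

rem 1. Ask the local DNS server for the forest-wide DC locator records.
rem    These SRV records live in the _msdcs.<forest root> zone.
echo --- DC locator records as seen by %LOCALDNS% ---
nslookup -type=SRV _ldap._tcp.dc._msdcs.%FOREST% %LOCALDNS%
nslookup -type=SRV _ldap._tcp.gc._msdcs.%FOREST% %LOCALDNS%

rem 2. Ask the forest root DNS server the same question for comparison.
rem    If this answers and step 1 does not, forwarding or delegation
rem    from the child to the root is the broken link.
echo --- DC locator records as seen by %ROOTDNS% ---
nslookup -type=SRV _ldap._tcp.dc._msdcs.%FOREST% %ROOTDNS%

rem 3. List the zones the local server hosts, to confirm whether
rem    _msdcs.<forest root> is present at all.
echo --- Zones hosted on %LOCALDNS% ---
dnscmd %LOCALDNS% /EnumZones

rem 4. Add the zone as a secondary, pulling it from the forest root DNS server.
echo --- Adding secondary zone _msdcs.%FOREST% ---
dnscmd %LOCALDNS% /ZoneAdd _msdcs.%FOREST% /Secondary %ROOTDNS%

rem 5. Re-run the lookup; it should now be answered from the local copy.
nslookup -type=SRV _ldap._tcp.dc._msdcs.%FOREST% %LOCALDNS%
```

The zone transfer in step 4 uses TCP port 53, so it has to be allowed by whatever filtering sits between the child and root DNS servers.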


    • #3
      Re: windows 2003 dns vs windows 2000 dns

      Originally posted by wkasdo
      This is probably related to the previous problem, right? It certainly seems to explain things.

      So your forest root domain is W2000, correct? That explains why you don't have the _msdcs.forestroot in the W2003 domain. In w2000, the replication scope of this zone is the domain only. If you see the same zone on the W2000 children, those must be replicas (secondary zones) because of the same reason. You can fix the W2003 domain by adding a secondary zone of the _msdcs.forestroot.
      right, there is no secondary zone copy of the root forest dns zone. I was thinking why i needed a secondary zone copy of the forest dns servers, because i've set mine up to fwd any request outside of domain subnet to the forest dns servers. So as long as i've never added a secondary copy of the forest root dns servers, I should never get the msdcs.forestroot zone then. Would this apply if the forest root was a windows 2003 os rather than win2k?



      Originally posted by wkasdo
      This also indicates DNS problems. I get the strong feeling that you have no proper delegation and forwarder structure in place. That makes it impossible for any host to resolve any other host, which is a must-have in an AD forest.
      yeah, actually the replication issue is that upper IT is blocking everything between domains on the site. Now we had to go through an arm and leg of twisting to get them to open the right ports to communicate between our child domain and the root forest domain.

      so replication for AD is not a problem between us and the forest root, just between us and the child. DNS resolution between forest root to us is not a problem.

      this kind of issue is hard to resolve because in the end it's more bureaucratic than technical.

      unfortunately.


      thanks for the help
