Topic: W2k Active Directory Problem

[Cyrus Bharda]

Howdy all, well I fond out today that I can install a thingy called the admin pack for w2k so I can gain access to my domain controllers active directory from my 2k laptop, saves me the 500 mtr walk to it .

Recently we installed a SME 5.5 box do do internet gateway, firewall and email. Every since then i get a

"
Naming information could not be located because the server is not operational.
"
error pop up.

Now All we did was turn the DNS and DHCP off on the 2k server box so that the SME box could do the dhcp and dns. So I searched technet and pulled up the fix for it but I dont understand the fix!! its here:

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q278337

link may wrap.

So we do use the proxy on the SME box, so where do I make those changes?

Thanks,

Cyrus Bharda

[Brendon]

I'm not 100% sure but I think win2k clients use the Win2k Server DNS to find computers on the windows 2k domain. The DNS records are maintained dynamically through integration with active directory.

You loose this integration when you make e-smith be the DNS server. We run the same kind of setup as you except that we use the win2k server to do the DNS and DHCP because it has the above advantages when using win2k clients. to make sure that local network clients look to the e-smith server for web and mail we put www, and mail aliases in the win2k's DNS server. Your DNS server shouldn't need to serve to the external network. Your provider should provide external naming.

So basically the solution i can see is reinstall DNS and DHCP on the win2k server and disable it on the e-smith.

Cheers,

Brendon

[Graeme Fleming]

I would set up you network so that the DNS on the W2K box responds to all internal requests (ie clients would have this systems IP as their primary DNS server), setup the W2K DNS to use the e-smith box as a forwarder.

If you want a little bit of redundancy point the clients secondary DNS to the e-smith box; you will need the zone entries in the W2K DNS for the e-smith box and preferably any other server with a static IP; this is only easily acheived if you setup all w/s manually instead of using DHCP.

I have this DNS setup working at a clients site and it works well.

BTW - you could also run a split DHCP between the 2 boxes but it can cause the occasional problem with control over the DNS pointers.

[Cyrus Bharda]

Howdy again, it was the DNS so, I got it all working, but I did get this very interesting email from another list and am to newbiefied to understand exactly what it means:

--Begin Quote--
If it turns out that dns is the problem then either let the domain
controller update the zone or make the domain controller authoritive
over some of the sub-domains that Active Directory uses. That's how I got my linux
name server and active directory working nice. Here is the zone file for
reference.

$ORIGIN .
$TTL 259200 ; 3 days
home.local IN SOA ns.home.local. root.tuxwall.home.local.
(
199803621  ; serial
28800      ; refresh (8 hours)
7200       ; retry (2 hours)
2419200    ; expire (4 weeks)
86400      ; minimum (1 day)
)
NS ns.home.local.
MX 10 mail.home.local.
$ORIGIN home.local.
_msdcs NS pdc
_sites NS pdc
_tcp NS pdc
_udp NS pdc
imap A 192.168.1.1
mail A 192.168.1.1
mushroom A 192.168.1.144
ns A 192.168.1.1
pdc A 192.168.1.2
proxy A 192.168.1.1
tuxwall A 192.168.1.1
www A 192.168.1.1

--End Quote--

So what is this "zone" that is refered to as i would love it to work as above!

A HUGE Thanks to all of you who have helped out too!!!


Cyrus Bharda