
Configuring 2nd DC on a Windows Network

March 29, 2013 2:18:15 PM

This is my situation: my company has a domain (call it A.COM) with a Windows Server 2003 DC. It is configured with a static IP address and the Primary DNS is set to the machine itself; i.e. 127.0.0.1. The clients all use DHCP for IP addresses and DNS addresses. There is a SECOND DC on the same network (also Windows Server), hosting a completely separate domain (B.COM). Security is not the primary concern, I would just like to be able to set up a Windows XP w/s on the second domain so it has internet access and can find the "B" DC. When I came on the scene the "B" DC was configured to use DHCP for both IP and DNS (like the A clients). I could join the XP workstation to B.COM (again, DHCP for both IP and DNS) and both the W/S and DC had internet access, but the w/s had a lot of trouble finding the B DC; e.g. most times if I wanted to set security on a folder I could only add local computer users, I couldn't see the domain. So I set the B DC to a static IP, set its DNS to 127.0.0.1 and set the client DNS to the IP of the DC and, while the client can now see the DC, NEITHER has internet access. At this point I'm not sure what to do; I was hoping the good people on this forum could help me get through this by suggesting internet resources targeted to this configuration issue. Thanks.


March 29, 2013 2:44:55 PM

Search for "domain forest" on google.
March 29, 2013 2:47:48 PM

noidea_77 said:
Search for "domain forest" on google.


Okee-dokee, ni, all I wanted was a pointer. I'll take a look, thanks much.
March 29, 2013 4:03:51 PM

Fix DNS. You need both DCs to have a static IP as well. They should point to their own actual IP address. You need to have DNS zones for both domains on each DC's DNS so you can see the other domain from either DNS even though they are on the same network. You can set it up to allow zone transfers between DNS servers.
March 29, 2013 4:14:25 PM

ss202sl said:
Fix DNS. You need both DCs to have a static IP as well. They should point to their own actual IP address. You need to have DNS zones for both domains on each DC's DNS so you can see the other domain from either DNS even though they are on the same network. You can set it up to allow zone transfers between DNS servers.

ss: OK, "Fix DNS" makes perfect sense, but I'm a bit confused about the rest of your answer. If DNS was set correctly on domain B then, taking into account that I'm no expert, there should be no reason I couldn't point B's primary DNS IP to itself and the client's to the same IP and everything should work. DNS is installed on B and I would like to just treat the two domains as completely separate, except for the fact that they share a gateway/DHCP server. DCA has a static IP, I tried one on DCB but, as I said, no Internet. One of the issues is that the router/DHCP server handles both the LAN and the phone system and the people who programmed it won't let me in, although they did give me what they said was a range of static IPs to use. But may I ask: why do I need Zones for both domains on each DC? If I don't need one "talking" to the other is that required (I'm researching forests so it may be that you HAVE to have a trust relationship, I don't know, but if it's not too much trouble perhaps you could answer that question or, again, point me to a reference)? I will look into DCB's DNS records and see if there's a problem.

Thanks much for taking the time to post.

March 29, 2013 6:00:32 PM

The problem that I see could arise from DNS issues is that you have two DNS servers on two separate domain controllers running on the same network. If DCA were on a different subnet or network range than DCB, then I don't think that there would be any difficulties. Still, if you have your workstation's primary DNS server pointed to the DCB server IP address, it shouldn't care that there is a conflicting or additional DNS server in the same network; the only thing that might have trouble is the DNS server itself, which is where I'm betting you are getting the problem, and thus no internet on your workstation either.
March 30, 2013 4:58:38 AM

choucove said:
The problem that I see could arise from DNS issues is that you have two DNS servers on two separate domain controllers running on the same network. If DCA were on a different subnet or network range than DCB, then I don't think that there would be any difficulties. Still, if you have your workstation's primary DNS server pointed to the DCB server IP address, it shouldn't care that there is a conflicting or additional DNS server in the same network; the only thing that might have trouble is the DNS server itself, which is where I'm betting you are getting the problem, and thus no internet on your workstation either.


Yes, that is how I saw it initially: if the clients' primary DNS server IP is pointed to DCB then, if DCB's DNS is set up correctly, it shouldn't matter that DCA is also a DNS server. Of course, as I say, I'm far from an expert, which is why I came here and why I am taking the advice of everyone who kindly posted in response to my question and doing further research. I am going to learn more about how DNS zone records are structured and are supposed to be set up and see if there's something amiss in DCB. Also, while I of course understand how a client gets an IP address "automatically", I DON'T know how it gets a DNS server automatically and I'm afraid that the locked-down router might be involved in channeling all traffic to the DCA controller for that purpose (but that's just speculation).

Thanks for the info.

March 30, 2013 5:49:39 AM

So, we are making progress! The client typically gets its DNS with the IP from the DHCP. That's why the DHCP in a domain is typically located on the DC. The DNS on the DC holds the local names including its own and forwards all internet addresses to the router, respectively your ISP's DNS. With a fixed IP, you need to configure the internet DNS - usually your router - in the DNS of your DC. On the XP workstation, you can configure a fixed IP and the B DC as the first or second DNS.
March 30, 2013 6:44:01 AM

noidea_77 said:
So, we are making progress! The client typically gets its DNS with the IP from the DHCP. That's why the DHCP in a domain is typically located on the DC. The DNS on the DC holds the local names including its own and forwards all internet addresses to the router, respectively your ISP's DNS. With a fixed IP, you need to configure the internet DNS - usually your router - in the DNS of your DC. On the XP workstation, you can configure a fixed IP and the B DC as the first or second DNS.


Oh, yes, progress indeed, my eyes are actually burning from googling and clicking and reading everything I can on DNS/DC configuration (although my attention is currently divided between this problem and recursive sequences, but that's another matter).

DCA is configured with a static IP and its Gateway points to the router, its DNS, as I said, is the loopback address (it is a DNS server). It is NOT configured as the DHCP server, however, that's the router (I didn't put this in, that's the way the "expert" configured it). So the question is: if the DHCP server ALSO serves the IP of the DNS server, what happens on a client configured to use DHCP for its IP but which has a specific IP for its Primary DNS server? Does the latter override the former? (I'm just musing, I'll find the answer on the Internet because I know they can't put something on the Internet that isn't true :)  ). Remember, this DCB, which again I didn't configure, has a dynamic IP, at least for now.

Thanks for the info, ni.

March 30, 2013 6:58:17 AM

Just open a cmd.exe on a client and/or server and enter "ipconfig -all". That's the "only place of truth" for the actual ip, dns, gateway and so on. You should see an "external" dns and the router as the gateway, otherwise you will not get internet access.
March 30, 2013 12:13:32 PM

If your workstation is getting an IP address through DHCP, and that DHCP is set up on the router previously configured to point everything to the DCA server (I'm assuming?), then you are correct; most likely that is the issue. The DHCP server is also passing along the primary DNS server address when the computer picks up an IP address, and this is probably pointing to the DCA server, which is conflicting with a static IP you might configure which would instead be pointing to the DCB server.

The other possibility is going to reside in the configuration of your DNS settings on your DCB server, and that is basically: does the server point out to the same default gateway that your workstation is pointing to when you get a DHCP address? Also, does your server have a secondary DNS server IP address set up pointing to the outside internet DNS server, such as from your ISP?
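The checks suggested in the replies above (read `ipconfig /all` on the client, see which DNS servers DHCP handed out, confirm a gateway is set) written as a script. This is an added example, not part of any post in the thread; the sample output and every address in it are constructed, and 192.168.1.20 is an assumed address for the B.COM DC.

```python
import re

# Constructed `ipconfig /all` output from an XP client; all addresses are made up.
SAMPLE = """\
Windows IP Configuration

        Host Name . . . . . . . . . . . . : XP-WS1

Ethernet adapter Local Area Connection:

        Dhcp Enabled. . . . . . . . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.1.57
        Default Gateway . . . . . . . . . : 192.168.1.1
        DHCP Server . . . . . . . . . . . : 192.168.1.1
        DNS Servers . . . . . . . . . . . : 192.168.1.10
                                            192.168.1.1
"""
KV = re.compile(r"^\s+(.+?)[ .]*:\s*(.*)$")      # "Field . . . : value"
IP = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")

def parse_ipconfig(text):
    """Return {adapter: {field: [values]}} from `ipconfig /all` text."""
    adapters, current, values = {}, None, None
    for line in text.splitlines():
        stripped, m = line.strip(), KV.match(line)
        if stripped.endswith(":") and not line[:1].isspace():
            current, values = adapters.setdefault(stripped[:-1], {}), None
        elif current is None or not stripped:
            continue
        elif m:
            values = current.setdefault(m.group(1), [])
            if m.group(2):
                values.append(m.group(2))
        elif values is not None and IP.match(stripped):
            values.append(stripped)   # continuation line: a further DNS server
    return adapters

def check_client(text, dc_ip):
    """List problems that would stop a domain client finding its DC or the internet."""
    findings = []
    for name, f in parse_ipconfig(text).items():
        dns = f.get("DNS Servers", [])
        if not f.get("Default Gateway"):
            findings.append(f"{name}: no default gateway")
        if dc_ip not in dns:
            findings.append(f"{name}: DC {dc_ip} is not a DNS server (got {dns})")
        elif dns[0] != dc_ip:
            findings.append(f"{name}: DC {dc_ip} is listed but {dns[0]} is asked first")
    return findings
```

Calling `check_client(SAMPLE, "192.168.1.20")` reports that the DC is not among the DNS servers the client received, which is the DHCP situation described in the last reply.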