Domain Controllers

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Can I have two DC controls on the same subnet same LAN but one is for
domainA.com and the other domainB.com? Will there be conflict as far as DNS
or DHCP?
4 answers Last reply
More about domain controllers
  1. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    "Andre" <Andre@discussions.microsoft.com> wrote in message
    news:1923FFBE-D70C-4E22-90DC-10FD73844DDD@microsoft.com...
    > Can I have two DC controls on the same subnet same LAN but one is for
    > domainA.com and the other domainB.com?

    Sure, not an issue.

    > Will there be conflict as far as DNS

    Not an issue as long as each client is set to
    use the DNS server which can resolve the
    names it needs (or that server can resolve them
    ALL which should usually be the case for
    internal setups like this.)

    DNS Clients use a internal DNS server which should
    be able to resolve (or seek resolution) for ALL
    names that client needs. (Remember, "servers" are
    DNS clients TOO.)

    > or DHCP?

    The answer is a little more complicated here since
    if two DHCP servers offer a scope to the same subnet
    (broadcast domain) then they will be used randomly
    by clients (usually the fastest one to answer.)

    You cannot expect one DHCP server to give out
    settings to the clients of one domain, that are different
    from the settings for clients of another Domain* since
    DHCP is not "domain" aware -- or even OS aware
    so this is true of Macs, Unix, etc.

    But as long as all of the clients on one subnet can
    accept the same settings then this can work. Notice
    the biggest problem here is likely to be DNS, first
    the server to use but we can fix that by making all
    servers resolve all names (as they should and was
    mentioned above.)

    Second is giving out DNS names or registering in
    DNS for the clients which really want work for
    two zones/domains. But the clients can still
    register for themselves.

    *There are two ways to deal with the issue of
    different settings for different sets of computers:

    1) Reservations

    2) Class IDs

    Many people have a limited understanding of
    "reservations" assuming that they are ONLY for
    giving out fixed IP addresses.

    Reservations, however, can also be used when
    you wish to give DIFFERENT options settings
    to a specific machine. They are tedious to use
    when you have a lot of machines that need this
    though.

    Thus the new (Win2000+) DHCP feature of classIDs.
    Class IDs allow every machine of a certain "class"
    to be given specific options settings.

    There are two kinds of class: Vendor and User.
    Vendor basically means "Microsoft supplied"
    and User means "admin created" (by you.)

    [Vendor classes are pre-existing in DHCP server,
    and pre-set on each type of machine, e.g,. XP versus
    Win2000 etc.]

    The toughest thing about using User classes is that
    each machine need to be "set" using

    IPConfig /setclassID CLASSNAME

    (or some equivalent)

    You can walk around to each machine or your
    can try to automate it.

    While almost anything CAN be set from a GPO,
    including this (using a script or registry entry) the
    problem is that by the time the GPO is downloaded
    and applied AFTER the network initiallizes (and
    all DHCP settings are already applied.)

    This means that while you can use a GPO to set this
    it will NOT work the very first time (of course the
    script can do a refresh after the /setclassID, but that
    still can leave some unfinished business.)

    So will it work? Sure, set a different User classid
    for each domain.

    (Developers: Consider making the Domain name
    a Vendor class?)


    --
    Herb Martin
  2. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    Herb,

    I am just about to embark on a domain migration and your answer below sounds
    like what I also need to do regarding dns and dhcp. We will have 6 dc's in
    2 AD forests, you mention 'having servers to reslove all names'. From what
    I have gathered here, from the posts yourself and others that have been
    kindly provided, can you run this over for me?

    Original Domain:
    abc.com - 3 dc's - DNS is AD intergrated, also running WINS and exchange

    New Domain:
    xyz.local - 3 dc's - DNS will be AD integrated, will be running WINS and
    Exchange

    xyz.local will soon be built, and users, groups, computers etc will be
    migrated there from abc.com.......name resolution.......how could I get the
    dc's in zyx.local to provide dhcp/dns/wins for abc.com to ensure a smooth
    migration? I would like to have xyz.local's dns and wins absolutley 'spot
    on' before any objects are migrated there. Hopefully resolving names for
    abc.com and xyz.local so the transition wil be as smotth as possible.

    I know it's a long question, but any help much appreciated.

    TIA, Andrew

    "Herb Martin" <news@LearnQuick.com> wrote in message
    news:ewPcNSAIFHA.3628@TK2MSFTNGP15.phx.gbl...
    > "Andre" <Andre@discussions.microsoft.com> wrote in message
    > news:1923FFBE-D70C-4E22-90DC-10FD73844DDD@microsoft.com...
    > > Can I have two DC controls on the same subnet same LAN but one is for
    > > domainA.com and the other domainB.com?
    >
    > Sure, not an issue.
    >
    > > Will there be conflict as far as DNS
    >
    > Not an issue as long as each client is set to
    > use the DNS server which can resolve the
    > names it needs (or that server can resolve them
    > ALL which should usually be the case for
    > internal setups like this.)
    >
    > DNS Clients use a internal DNS server which should
    > be able to resolve (or seek resolution) for ALL
    > names that client needs. (Remember, "servers" are
    > DNS clients TOO.)
    >
    > > or DHCP?
    >
    > The answer is a little more complicated here since
    > if two DHCP servers offer a scope to the same subnet
    > (broadcast domain) then they will be used randomly
    > by clients (usually the fastest one to answer.)
    >
    > You cannot expect one DHCP server to give out
    > settings to the clients of one domain, that are different
    > from the settings for clients of another Domain* since
    > DHCP is not "domain" aware -- or even OS aware
    > so this is true of Macs, Unix, etc.
    >
    > But as long as all of the clients on one subnet can
    > accept the same settings then this can work. Notice
    > the biggest problem here is likely to be DNS, first
    > the server to use but we can fix that by making all
    > servers resolve all names (as they should and was
    > mentioned above.)
    >
    > Second is giving out DNS names or registering in
    > DNS for the clients which really want work for
    > two zones/domains. But the clients can still
    > register for themselves.
    >
    > *There are two ways to deal with the issue of
    > different settings for different sets of computers:
    >
    > 1) Reservations
    >
    > 2) Class IDs
    >
    > Many people have a limited understanding of
    > "reservations" assuming that they are ONLY for
    > giving out fixed IP addresses.
    >
    > Reservations, however, can also be used when
    > you wish to give DIFFERENT options settings
    > to a specific machine. They are tedious to use
    > when you have a lot of machines that need this
    > though.
    >
    > Thus the new (Win2000+) DHCP feature of classIDs.
    > Class IDs allow every machine of a certain "class"
    > to be given specific options settings.
    >
    > There are two kinds of class: Vendor and User.
    > Vendor basically means "Microsoft supplied"
    > and User means "admin created" (by you.)
    >
    > [Vendor classes are pre-existing in DHCP server,
    > and pre-set on each type of machine, e.g,. XP versus
    > Win2000 etc.]
    >
    > The toughest thing about using User classes is that
    > each machine need to be "set" using
    >
    > IPConfig /setclassID CLASSNAME
    >
    > (or some equivalent)
    >
    > You can walk around to each machine or your
    > can try to automate it.
    >
    > While almost anything CAN be set from a GPO,
    > including this (using a script or registry entry) the
    > problem is that by the time the GPO is downloaded
    > and applied AFTER the network initiallizes (and
    > all DHCP settings are already applied.)
    >
    > This means that while you can use a GPO to set this
    > it will NOT work the very first time (of course the
    > script can do a refresh after the /setclassID, but that
    > still can leave some unfinished business.)
    >
    > So will it work? Sure, set a different User classid
    > for each domain.
    >
    > (Developers: Consider making the Domain name
    > a Vendor class?)
    >
    >
    > --
    > Herb Martin
    >
    >
    >
  3. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    "Andrew" <noone@nowhere.com> wrote in message
    news:OsF6ZJBIFHA.3336@TK2MSFTNGP10.phx.gbl...
    > Herb,
    >
    > I am just about to embark on a domain migration and your answer below
    sounds
    > like what I also need to do regarding dns and dhcp. We will have 6 dc's
    in
    > 2 AD forests, you mention 'having servers to reslove all names'. From
    what
    > I have gathered here, from the posts yourself and others that have been
    > kindly provided, can you run this over for me?

    Sure but recognize that although we (humans)
    tend to think of a DNS server as being for it's
    "own domain", any DNS server can hold zones
    for any zone (which you control.)

    That's the key to understanding serveral of the
    methods.

    > Original Domain:
    > abc.com - 3 dc's - DNS is AD intergrated, also running WINS and exchange
    >
    > New Domain:
    > xyz.local - 3 dc's - DNS will be AD integrated, will be running WINS and
    > Exchange
    >
    > xyz.local will soon be built, and users, groups, computers etc will be
    > migrated there from abc.com.......name resolution.......how could I get
    the
    > dc's in zyx.local to provide dhcp/dns/wins for abc.com to ensure a smooth
    > migration?

    Have (all of) the DNS servers hold both zones.
    It's that simple unless the zones are huge and you
    cannot afford to transfer all of that info.


    > I would like to have xyz.local's dns and wins absolutley 'spot
    > on' before any objects are migrated there. Hopefully resolving names for
    > abc.com and xyz.local so the transition wil be as smotth as possible.
    >
    > I know it's a long question, but any help much appreciated.

    Sorry it's such a short answer but unless you
    don't "get the trick" that is all there is too it.

    There are other methods if you use Win2003
    DNS but they all come down to the same basic
    idea: Every DNS can resolve every name (or
    find another DNS which can).

    1) Common root using root hints (terrible if
    you must also resolve the Internet using
    root hints or forwarding since this
    defeats that strategy -- I can make it work
    but it is a lot of hacking around.)

    2) "Cross secondaries" described above.

    3) "Cross stub" zones -- same idea but without
    transferring all of the records (Win2003)

    4) Conditional forwarding (Win2003)

    #3 is only needed for "huge" zones in most cases,
    only works for Win2003, and doesn't fit your
    situation since you want to build all of your DNS
    before you install your second Domain.

    BTW, your desire to get it "all right" beforehand
    is a good one but eventually you will likely want
    to switch over to using AD Integrated DNS which
    usually means the DCs of the SAME domain will
    all (or largely) be DNS servers.

    In Win2000 using AD Integrated will means the
    DCs of Domain1 will be AD-integrated for the
    zone supporting Domain1, AND they will be
    secondaries for Domain2 (and vice versa.)

    This is what I call "cross secondaries" just as
    a name so we can talk about it once the principle
    is understood.
  4. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    Herb - thankyou very much for your time.

    I've almost got a couple of test domains ready and will try to accomplish
    what you have advised below.

    Thanks again, Andrew


    "Herb Martin" <news@LearnQuick.com> wrote in message
    news:u4zfqDFIFHA.1172@TK2MSFTNGP12.phx.gbl...
    > "Andrew" <noone@nowhere.com> wrote in message
    > news:OsF6ZJBIFHA.3336@TK2MSFTNGP10.phx.gbl...
    > > Herb,
    > >
    > > I am just about to embark on a domain migration and your answer below
    > sounds
    > > like what I also need to do regarding dns and dhcp. We will have 6 dc's
    > in
    > > 2 AD forests, you mention 'having servers to reslove all names'. From
    > what
    > > I have gathered here, from the posts yourself and others that have been
    > > kindly provided, can you run this over for me?
    >
    > Sure but recognize that although we (humans)
    > tend to think of a DNS server as being for it's
    > "own domain", any DNS server can hold zones
    > for any zone (which you control.)
    >
    > That's the key to understanding serveral of the
    > methods.
    >
    > > Original Domain:
    > > abc.com - 3 dc's - DNS is AD intergrated, also running WINS and exchange
    > >
    > > New Domain:
    > > xyz.local - 3 dc's - DNS will be AD integrated, will be running WINS and
    > > Exchange
    > >
    > > xyz.local will soon be built, and users, groups, computers etc will be
    > > migrated there from abc.com.......name resolution.......how could I get
    > the
    > > dc's in zyx.local to provide dhcp/dns/wins for abc.com to ensure a
    smooth
    > > migration?
    >
    > Have (all of) the DNS servers hold both zones.
    > It's that simple unless the zones are huge and you
    > cannot afford to transfer all of that info.
    >
    >
    > > I would like to have xyz.local's dns and wins absolutley 'spot
    > > on' before any objects are migrated there. Hopefully resolving names
    for
    > > abc.com and xyz.local so the transition wil be as smotth as possible.
    > >
    > > I know it's a long question, but any help much appreciated.
    >
    > Sorry it's such a short answer but unless you
    > don't "get the trick" that is all there is too it.
    >
    > There are other methods if you use Win2003
    > DNS but they all come down to the same basic
    > idea: Every DNS can resolve every name (or
    > find another DNS which can).
    >
    > 1) Common root using root hints (terrible if
    > you must also resolve the Internet using
    > root hints or forwarding since this
    > defeats that strategy -- I can make it work
    > but it is a lot of hacking around.)
    >
    > 2) "Cross secondaries" described above.
    >
    > 3) "Cross stub" zones -- same idea but without
    > transferring all of the records (Win2003)
    >
    > 4) Conditional forwarding (Win2003)
    >
    > #3 is only needed for "huge" zones in most cases,
    > only works for Win2003, and doesn't fit your
    > situation since you want to build all of your DNS
    > before you install your second Domain.
    >
    > BTW, your desire to get it "all right" beforehand
    > is a good one but eventually you will likely want
    > to switch over to using AD Integrated DNS which
    > usually means the DCs of the SAME domain will
    > all (or largely) be DNS servers.
    >
    > In Win2000 using AD Integrated will means the
    > DCs of Domain1 will be AD-integrated for the
    > zone supporting Domain1, AND they will be
    > secondaries for Domain2 (and vice versa.)
    >
    > This is what I call "cross secondaries" just as
    > a name so we can talk about it once the principle
    > is understood.
    >
    >
    >
Ask a new question

Read More

Domain Active Directory Windows