Alistair7 asked:

How to set up an unregistered internal AD domain whilst creating a domain controller

I am simply trying to experiment with creating and modifying domain controllers, and learning how to use Active Directory.
I understand that DNS is integral to this in resolving names to addresses and so on. The two DNS addresses that were automatically selected on my home ADSL router are 217.13.4.24 and 217.13.7.140 which I have traced back to my service provider.  If I am setting up my own DNS under 2000, should I be disabling the DNS on my router first?

Second issue:  How do I choose and employ a fictitious domain name without getting into trouble on the WEB?  How can I be sure that my new unregistered experimental domain called BIGFIRM.BIZ will not create problems with other DNS servers on the web?  I am assuming that any DNS server on my LAN will eventually connect up with others on the WEB to confirm or inform of the existence of my new unregistered domain BIGFIRM.BIZ, and create problems.  I read something somewhere about being able to choose between an internal domain name and one which is connected to the WEB.  I have an ADSL connection both here and at school.  Does that mean that I cannot have an internal domain?  As you can see I am very confused.

Third issue:  I tried to convert my win2000 advanced server to a domain controller for the first time.  Halfway through the process I was warned that "No DNS server could be found", which surprised me because "ipconfig /all" showed clearly the above 2 DNS server addresses.  "Do you want win2000 to setup a DNS server?" was the next question.  Mark Minasi wrote in his book MASTERING WIN2003 SERVER: do not say yes to this option here. It only leads to problems.  Instead stop the installation and make sure the DNS server has been properly set up.  Then install the domain controller.

I did not follow his advice.  I followed Microsoft's RECOMMENDED option and allowed 2000 to create the DNS server.  Then when I tried to join the new domain on another 2000 pro PC, I got the message that the domain could not be found and that perhaps I had a problem with DNS.

I would really value some answers to the above 3 points, as I need to set up 2003 server as a domain controller and 20 domain clients in the next week at school.
dlwyatt82

You need to clear up a few misunderstandings before setting up your domain.

1: Use a private network. If your computer is hooked up directly to a cable / DSL modem (meaning you have a publicly routable IP address), STOP now and pick up a cheap cable/DSL router. You will want to start with a private network range, which will probably be something like 192.168.1.0 mask 255.255.255.0 by default, if you buy a Linksys router.

2: Ignore your internet provider's DNS for now; it is only there for you to look up hosts on the public internet. For your Active Directory, you will want your own private DNS server (most likely running on your Domain Controller), which you can configure later to forward queries to the ISP if you wish (more on that later). If this is done properly, you will not have to worry about any DNS conflicts on the web, regardless of what domain name you choose (no one on the internet will ever look up DNS records from your server - it is strictly for internal use by your Active Directory on the private network).

3: Once your DC is installed, and the DNS service is up and running, your clients / member servers will need to have their NICs configured so the Domain Controller is their primary DNS server. Since you will be on a private network segment by this point, you could choose to set up the DHCP service on your domain controller and configure client addresses that way (do NOT do this if you are on a network segment that you are not responsible for - i.e., in a school environment, there may already be DHCP servers on the network. If you add your own unauthorized server, you will cause problems. Make sure you are on your own isolated physical segment before installing a DHCP server).
Alistair7

ASKER

I'm responsible for a small 20-PC school system.

1 I do not know if we have a cable/DSL modem or a cable/DSL router.  All of our internal addresses are 10.0.0.x.  Gateway = 10.0.0.1.  Does that answer that question?

2 That was a help

3 I understand that there should only be one DHCP server unless they have different ip ranges.  I forgot about configuring the client NICs.  I will try that now.

1 - Sounds like you already have a router, since the 10.* network is private. So you've got that part covered already.

With that in mind, the Domain you already built should be nearly functional. All that's left is to configure your clients to point to the domain controller for DNS (which you are doing), and to configure the DNS service to forward unknown host queries on to your ISP's DNS server. (Administrative Tools -> DNS. Right click the Domain Controller, select Properties. Forwarding tab. Check Enable Forwarders, and add your ISP's DNS server IPs to the list).

I am still getting the same message: "Cannot find bigfirm.biz domain"

The following shows my server configuration:

Windows 2000 IP Configuration

        Host Name . . . . . . . . . . . . : moonburn
        Primary DNS Suffix  . . . . . . . : bigfirm.biz
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : bigfirm.biz

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : SiS 900-Based PCI Fast Ethernet Adap
ter
        Physical Address. . . . . . . . . : 00-0C-76-BC-83-53
        DHCP Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 10.0.0.5
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 10.0.0.1
        DNS Servers . . . . . . . . . . . : 10.0.0.5

The following is the client:

Windows 2000 IP Configuration

        Host Name . . . . . . . . . . . . : banan-----
        Primary DNS Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Broadcast
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : SiS 900-Based PCI Fast Ethernet Adapter
        Physical Address. . . . . . . . . : 00-0C-76-BC-83-53
        DHCP Enabled. . . . . . . . . . . : Ja
        IP Address. . . . . . . . . . . . : 10.0.0.2
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 10.0.0.1
        DHCP server........................:10.0.0.1
        DNS server............................10.0.0.5
 
On the client I opened properties for Internet protocol(TCP/IP)
Selected USE THE FOLLOWING DNS SERVER
typed 10.0.0.5
did not alter anything under advanced
OK
OK

On the server I also did precisely the same change.  I don't know if I should have left that with the original 2 external DNS addresses.

I also did what you said under the forwarders tab and put in one of the external DNS addresses.

On the INTERFACES tab I have selected only 10.0.0.5.

Under the MONITORING tab I have also done the 2 simple DNS tests and passed.

What have I done wrong??

Hmm... everything in the ipconfig outputs looks correct. From the client workstation, if you run nslookup and query for moonburn.bigfirm.biz - does it find an IP address?
dlwyatt82

I found a Microsoft article on exactly this problem which enabled me to get it working.

I have now managed to join the domain from the client.

I think it was the use of

ipconfig /flushdns
and
ipconfig /registerdns

which did the trick maybe.


Does the issue of private and public domains centre around whether one has an ADSL router as opposed to an ADSL modem (publicly routable IP address)?

Why do some private addresses begin with 10.0.0.x  whilst others look like the address you mentioned above? (192.168.1.0)
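
An added example (not part of the thread and not Microsoft tooling): a Python check over saved `ipconfig /all` output that applies the advice given earlier in the thread, that every domain member must use the domain controller as its DNS server rather than the ISP's resolvers. The sample text is constructed from addresses quoted in the thread; the function names and the IPv4-only parsing are assumptions of this example.

```python
import ipaddress
import re

# RFC 1918 private ranges; the thread's 10.0.0.x and 192.168.1.x both fall here.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

LABEL = re.compile(r"^\s*DNS Servers?[ .]*:\s*(\S*)", re.I)
BARE_IP = re.compile(r"^\s+(\d{1,3}(?:\.\d{1,3}){3})\s*$")


def dns_servers(ipconfig_text):
    """Return DNS servers in listed order, including continuation lines."""
    servers, in_list = [], False
    for line in ipconfig_text.splitlines():
        label, bare = LABEL.match(line), BARE_IP.match(line)
        if label:
            in_list = True
            if label.group(1):
                servers.append(label.group(1))
        elif in_list and bare:
            servers.append(bare.group(1))  # second/third server, no label
        else:
            in_list = False
    return servers


def audit(ipconfig_text, dc_ip):
    """List reasons this host may fail to locate the AD domain via DNS."""
    servers = dns_servers(ipconfig_text)
    if not servers:
        return ["no DNS server configured"]
    findings = []
    if servers[0] != dc_ip:
        findings.append(f"primary DNS is {servers[0]}, not the DC {dc_ip}")
    for s in servers:
        addr = ipaddress.ip_address(s)
        if not any(addr in net for net in RFC1918):
            findings.append(f"{s} is a public resolver with no copy of the internal zone")
    return findings


# Constructed samples in `ipconfig /all` layout, using addresses from the thread.
GOOD = ("        IP Address. . . . . . . . . . . . : 10.0.0.2\n"
        "        DNS Servers . . . . . . . . . . . : 10.0.0.5\n")
BAD = ("        IP Address. . . . . . . . . . . . : 10.0.0.2\n"
       "        DNS Servers . . . . . . . . . . . : 217.13.4.24\n"
       "                                            217.13.7.140\n")

if __name__ == "__main__":
    for name, text in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, audit(text, "10.0.0.5") or "OK")
```

Run it against the saved output of each client before attempting the domain join; an empty result means the client will ask the domain controller for the internal zone.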

ASKER CERTIFIED SOLUTION
dlwyatt82

Thanks a lot for all the help.  Much appreciated.