Use of Windows2003 Server as DNS/DC/Web Server/Email Server behind a router with a broadband connection

My question is very general because I am very new to all of this, please ignore my ignorance :-).

I would like to establish a domain that is apart of an active directory for an intranet. I would like to establish a webserver that can host ASP.NET pages for this domain in both internet and intranet settings. I would like to use Exchange as an email server for this domain on the internet.

I have tried this once and failed miserably! Let me tell you what I've tried.

I registered the domain (currently points to a webhosting company). I installed Server2003. I named the computer SOLOMON. I made it a domain controller for I learned that it needed a DNS server, so I set that up too. However, I did not setup a reverse lookup table becuse I couldn't figureout the right settings (should I give public IP or router assigned IP, I know, I'm pathetic). I setup IIS to run with a default site. I renamed my zone because that seemed simple enough. During all of this, I received two errors/warnings. One stated that setting up DNS with a dynamic IP is a BAD idea. I clicked through since I really had no idea what else to do. The other stated that's name servers were not correct (I honestly can't remember the exact error).

So I created one user account and joined an XP machine to the domain (PRAECLARUM). That worked! I could even view the web page by going to \\solomon. Nice! I then tried to setup folder redirection for My Documents as outlined in the book "The Ultimate Windows Server2003 Adminstration Guide". No errors, but the XP machine refused to use the network path for My COMputer. Also, it then took _absolutely forever_ for the XP machine to login to the domain. Obviously something was amiss, but I had no idea what.

I came to the conclusion that I had no idea what I was doing. I didn't even try pointing my domain to my computer for DNS. I didn't try installing Exchange either.

I have heard that it is a "bad idea" to have the DNS server and webserver/DC as the same machine. COupled with the fact that I have a dynamic IP it probably is a "really bad idea". So I am happy to use a service such as DynDNS. I just am tired of not knowing exactly what I am doing.

Please can someone give me tips/links/words of wisdom to accomplish my goals? I would really like a nice private intranet but also all the wonder of a proper internet server. I really want my domain name of

Thankyou very much!
Who is Participating?
1.  Get a router.  Although you may have a Dynamic DNS from your ISP, you can still setup a STATIC IP address for your Internal LAN.  Use port forwarding instead.  You DO need a stitic IP for what you are trying to do, or you'll have a lot of troubles.

2.  It is a "bad idea" to have a lot of services on your computer for security reasons and CPU usage reasons.  But that isn't your problem with your first installation

3.  It is typically better, especially in your situation, to have TWO seperate DNS.. one for Internal and one for External.  For example, you might want to call your Internal LAN (Active Directory Domain) praeclarum.local.  Then setup a DNS (not active-directory-integrated) for the outside users.  It is much easier to manage and more secure as well!!

So...   what you need to do is:

1.  Get a router and either forward port 80, etc to your Internal server (i.e., for example), or just do the DMZ thing and forward all traffice to

2.  Assign a static IP of (or something like that) to your server.  Install DNS, then make it a DC.  On the DNS setup, make sure that it can forward DNS queries to your External ISP's DNS server...  So anything being resolved for your internal network will be hosted by your DC, but anything outside will be answered by your ISP.

3.  Join your other workstations to the Domain.  Make sure the workstations' DNS entry is pointed to the DC instead.  You're going to have a lot of problems if the DNS is pointed, somehow, to a public DNS server.

In a nut shell, I think that is all you need to do to get yourself up and running.  In the long run, you might want to consider moving some of the services to another server, to spread out the risk.

- Info
fakruegerAuthor Commented:
Thanks for the info. I have re-installed 2003 just to start with a clean slate. I configured my router to assign the same IP to the machine forever. After applying updates, I installed the domain controller for the domain praeclarum.local. After this process I installed and DNS server for praeclarum.local that had forward and reverse table (the reverse Network ID was set to 192.168.2). During this process, I still received the "dynamic ip" warnings. So I went to the network adapter and fixed its IP to, set the mask to and the gateway to (the router) Then I set its DNS to (itself). The router is set to forward udp port 53 to the server. In the DNS setup, I selected forwarding to my ISP's servers: (comcast). I then installed IIS because I love to jump the gun.

I thought I was doing really well since I only now receive to warnings and one error in the event logs. The two warnings are from Ldap and say something to the effect of: Lsasrv 40960 (no logon servers available) and 40961 (no authentication protocol available). THe error was for the time thingy saying it couldn't get to a server. However, the computer seems to run well. I can host aspx pages (by going to //solomon or //praeclarum.local).

My next step was to add an XP machine to the domain. This is where I run into trouble. When selecting the domain (during computer rename) I get the following error:

<< The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain praeclarum:

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.praeclarum >>

This is so odd since it looks like that record exists in the DNS configuration, and PRAECLARUM is certainly the NetBIOS name. I even tried praeclarum.local but that returned a similar error.

Any ideas on this error?

Should I work myself around this problem, how do I go about setting up the public (Internet) domain DO I just point DynDNS at my server then install that name into my registrar's table?

How do I setup mail and IIS?

Thanks a bunch!

fakruegerAuthor Commented:
I should also add that I set the XP machine's DNS to the server and that works beautifully (I'm able to type this!). On the XP machine I can load the pages //solomon and //praeclarum.local. I just can't seem to join the domain!
fakruegerAuthor Commented:
I haven't a clue what I did. But somewhere between installing and removing a WINS server on SOLOMON, I was able to join my XP machine to the domain praeclarum.local. Only a few problems: IntelliMirror still doesn't work (I set it up according to the "Ultimate Admin Guide") and the machine takes for ever to log in (about 15 mins of "COnfiguring Computer").

So we're close but still not there. I enjoy my DNS and all, but it would seem that my Domain Controller is still a little broken.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.