Solved

Use of Windows2003 Server as DNS/DC/Web Server/Email Server behind a router with a broadband connection

Posted on 2004-08-21
Last Modified: 2008-02-26
My question is very general because I am very new to all of this, please ignore my ignorance :-).

I would like to establish a domain that is a part of an active directory for an intranet. I would like to establish a webserver that can host ASP.NET pages for this domain in both internet and intranet settings. I would like to use Exchange as an email server for this domain on the internet.

I have tried this once and failed miserably! Let me tell you what I've tried.

I registered the domain praeclarum.org (currently points to a webhosting company). I installed Server2003. I named the computer SOLOMON. I made it a domain controller for praeclarum.org. I learned that it needed a DNS server, so I set that up too. However, I did not set up a reverse lookup table because I couldn't figure out the right settings (should I give public IP or router assigned IP, I know, I'm pathetic). I set up IIS to run with a default site. I renamed my zone because that seemed simple enough. During all of this, I received two errors/warnings. One stated that setting up DNS with a dynamic IP is a BAD idea. I clicked through since I really had no idea what else to do. The other stated that praeclarum.org's name servers were not correct (I honestly can't remember the exact error).

So I created one user account and joined an XP machine to the domain (PRAECLARUM). That worked! I could even view the web page by going to \\solomon. Nice! I then tried to set up folder redirection for My Documents as outlined in the book "The Ultimate Windows Server2003 Administration Guide". No errors, but the XP machine refused to use the network path for My Computer. Also, it then took _absolutely forever_ for the XP machine to log in to the domain. Obviously something was amiss, but I had no idea what.

I came to the conclusion that I had no idea what I was doing. I didn't even try pointing my domain to my computer for DNS. I didn't try installing Exchange either.

I have heard that it is a "bad idea" to have the DNS server and webserver/DC as the same machine. Coupled with the fact that I have a dynamic IP it probably is a "really bad idea". So I am happy to use a service such as DynDNS. I just am tired of not knowing exactly what I am doing.

Please can someone give me tips/links/words of wisdom to accomplish my goals? I would really like a nice private intranet but also all the wonder of a proper internet server. I really want my domain name of praeclarum.org.

Thank you very much!
Question by:fakrueger

Accepted Solution

by:
infotrader earned 250 total points
ID: 11860454
1.  Get a router.  Although you may have a Dynamic DNS from your ISP, you can still set up a STATIC IP address for your Internal LAN.  Use port forwarding instead.  You DO need a static IP for what you are trying to do, or you'll have a lot of troubles.

2.  It is a "bad idea" to have a lot of services on your computer for security reasons and CPU usage reasons.  But that isn't your problem with your first installation.

3.  It is typically better, especially in your situation, to have TWO separate DNS, one for Internal and one for External.  For example, you might want to call your Internal LAN (Active Directory Domain) praeclarum.local.  Then set up a praeclarum.org DNS (not active-directory-integrated) for the outside users.  It is much easier to manage and more secure as well!!

So...   what you need to do is:

1.  Get a router and either forward port 80, etc. to your Internal server (i.e. 192.168.1.100, for example), or just do the DMZ thing and forward all traffic to 192.168.1.100.

2.  Assign a static IP of 192.168.1.100 (or something like that) to your server.  Install DNS, then make it a DC.  On the DNS setup, make sure that it can forward DNS queries to your External ISP's DNS server...  So anything being resolved for your internal network will be hosted by your DC, but anything outside will be answered by your ISP.

3.  Join your other workstations to the Domain.  Make sure the workstations' DNS entry is pointed to the DC instead.  You're going to have a lot of problems if the DNS is pointed, somehow, to a public DNS server.

In a nutshell, I think that is all you need to do to get yourself up and running.  In the long run, you might want to consider moving some of the services to another server, to spread out the risk.

- Info

Author Comment

by:fakrueger
ID: 11861867
Thanks for the info. I have re-installed 2003 just to start with a clean slate. I configured my router to assign the same IP 192.168.2.35 to the machine forever. After applying updates, I installed the domain controller for the domain praeclarum.local. After this process I installed a DNS server for praeclarum.local that had forward and reverse tables (the reverse Network ID was set to 192.168.2). During this process, I still received the "dynamic ip" warnings. So I went to the network adapter and fixed its IP to 192.168.2.35, set the mask to 255.255.255.0 and the gateway to (the router) 192.168.2.1. Then I set its DNS to 192.168.2.35 (itself). The router is set to forward udp port 53 to the server. In the DNS setup, I selected forwarding to my ISP's servers: 204.127.198.4 (comcast). I then installed IIS because I love to jump the gun.

I thought I was doing really well since I only now receive two warnings and one error in the event logs. The two warnings are from Ldap and say something to the effect of: Lsasrv 40960 (no logon servers available) and 40961 (no authentication protocol available). The error was for the time thingy saying it couldn't get to a server. However, the computer seems to run well. I can host aspx pages (by going to //solomon or //praeclarum.local).

My next step was to add an XP machine to the domain. This is where I run into trouble. When selecting the domain (during computer rename) I get the following error:

<< The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain praeclarum:

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.praeclarum >>

This is so odd since it looks like that record exists in the DNS configuration, and PRAECLARUM is certainly the NetBIOS name. I even tried praeclarum.local but that returned a similar error.

Any ideas on this error?

Should I work myself around this problem, how do I go about setting up the public (Internet) domain praeclarum.org? Do I just point DynDNS at my server then install that name into my registrar's table?

How do I set up mail and IIS?

Thanks a bunch!


Author Comment

by:fakrueger
ID: 11861886
I should also add that I set the XP machine's DNS to the server and that works beautifully (I'm able to type this!). On the XP machine I can load the pages //solomon and //praeclarum.local. I just can't seem to join the domain!

Author Comment

by:fakrueger
ID: 11865421
I haven't a clue what I did. But somewhere between installing and removing a WINS server on SOLOMON, I was able to join my XP machine to the domain praeclarum.local. Only a few problems: IntelliMirror still doesn't work (I set it up according to the "Ultimate Admin Guide") and the machine takes forever to log in (about 15 mins of "Configuring Computer").

So we're close but still not there. I enjoy my DNS and all, but it would seem that my Domain Controller is still a little broken.
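
The checks this thread turns on (the workstation resolving only through the DC, and the `_ldap._tcp.dc._msdcs` SRV record named in the join error), as an added PowerShell example that is not part of the original posts. It assumes a client with the DnsClient module (Windows 8 / Server 2012 or later, so newer than the XP machine in the thread) and takes the thread's praeclarum.local and 192.168.2.35 as defaults.

```powershell
# Added example: client-side checks for the DC-locator failure in this thread.
# Assumes the DnsClient module is available; run on the workstation.
param(
    [string]$Domain = 'praeclarum.local',  # AD DNS domain name used in the thread
    [string]$DcIp   = '192.168.2.35'       # DC/DNS server address used in the thread
)

# 1. The workstation should resolve through the DC only. A public or ISP
#    resolver in this list cannot answer for the internal zone.
$dnsServers = @(Get-DnsClientServerAddress -AddressFamily IPv4 |
    ForEach-Object { $_.ServerAddresses } | Sort-Object -Unique)
$foreign = @($dnsServers | Where-Object { $_ -ne $DcIp })
if ($foreign.Count -gt 0) {
    Write-Warning "Client also uses non-DC resolvers: $($foreign -join ', ')"
}

# 2. Ask the DC for the SRV record a domain join looks up. The DC registers it
#    under the full DNS domain name, so query that, not the NetBIOS name.
$srvName = "_ldap._tcp.dc._msdcs.$Domain"
try {
    $srv = @(Resolve-DnsName -Name $srvName -Type SRV -Server $DcIp -DnsOnly -ErrorAction Stop |
        Where-Object { $_.Type -eq 'SRV' })
} catch {
    Write-Warning "No SRV answer for $srvName from ${DcIp}: $($_.Exception.Message)"
    $srv = @()
}

# 3. Each SRV target must itself resolve, and here should be the DC's address.
foreach ($rec in $srv) {
    $a = @(Resolve-DnsName -Name $rec.NameTarget -Type A -Server $DcIp -DnsOnly `
            -ErrorAction SilentlyContinue | Where-Object { $_.Type -eq 'A' })
    [pscustomobject]@{
        SrvRecord  = $srvName
        Target     = $rec.NameTarget
        Port       = $rec.Port
        Addresses  = ($a.IPAddress -join ', ')
        PointsAtDc = ($a.IPAddress -contains $DcIp)
    }
}

# 4. Let the Windows DC locator perform the same lookup end to end.
nltest "/dsgetdc:$Domain"
```

A warning from step 1 or an empty result from step 2 points at client DNS settings or missing DC registrations rather than at the join dialog itself.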