Solved

Practice Domain (setup)

Posted on 2004-10-23
353 Views
Last Modified: 2010-04-19
 I'm tinkering with 2003 Server and want to practice with AD, client logons, etc.  I promoted the Server to a DC with a dummy domain name.  Problem now is that I can't have clients join the domain because the domain name is not registered.  I'm thinking that there are some settings in DNS that would allow me to not use internet resources and just work only within my practice bubble.

What I would like to have: A non-registered domain name that does not need internet activity so I can practice with 2003 Server.  The DC with DNS should resolve only for the dummy domain and not forward any requests to my isp's DNS servers.  The ability for clients (XP) to join the domain for practice.

Thanks Much
0
Question by:AJPhelps
    11 Comments
     
    LVL 95

    Assisted Solution

    by:Lee W, MVP
    The name doesn't have to be registered on the internet.  BUT, you must have a DNS server running on the DC and managing that domain.  DNS is KEY!

    What (if any) error messages are you getting when you try to have the clients join the domain?
    0
     
    LVL 6

    Assisted Solution

    by:Casca1
    What messages are displayed in the event logs?
    AD requires DNS. I would recommend setting the server DNS addie to itself, no secondary (unless you have two DC's), and hand out client IPs via DHCP, and set the scope options for the clients. DHCP is not required, but makes life simpler.
    Good Luck!
    0
     
    LVL 11

    Accepted Solution

    by:
    the ms recommended domain name is yourdomainname.local.
    does your dns server have a root zone? its the "." zone in your dns zones.
    if its not there:
    Create a "." Forward Lookup Zone on the DNS server that you want to be a root server in the DNS Management Console.
    Restart the Microsoft DNS Service on the appropriate computer.
    Reload the data files, and then quit and restart your Managment Console.
    but a detailed error message would help.
    maybe it's a missing "dynamic updates allowed" in the dns configuration.
    0
     

    Author Comment

    by:AJPhelps
     The order of events went:
    -Had 2003 Server Standard loaded (basically fresh install except for a few shared folders created.
    -Promoted the server to a DC with the "typical configuration setting"
    -Called the domain "mydomain.com" ***Upon reading the comments, it looks like this is where I went wrong.  Strangely, when I restarted and repromoted, it specifically stated to put ".local" to keep it seperate from the internet (something I don't recall seeing the first time).  I now put in mydomain.local
    -Prior to trying again, it never installed DHCP on its own as part of the promotion.  It appears to be doing it on this try.  While I don't require it, I guess it wouldn't hurt to tinker with this part as well.
    -Finished promoting and things seem to be going well....fingers crossed.

    Just as a last note, What exactly should the TCP/IP settings be for the server assuming it is connected to my local LAN that has a Linksys router performing DHCP and routing duties? I have set the servers IP address static on the same private subnet as the router and the other computers in the LAN (192.168...) and all computers that will join the domain will have static ip's as well.

    DNS servers = currently set to point to itself, and pointed forwarding to my isp.  radio button selected for "Append primary and connection specific DNS suffixes"  as well as the checkbox "append parent suffixes of the primary DNS suffix"  And "register this connection's addres in DNS" is also selected.
    Gateway = currently pointed to the Linksys router.

    Thanks for the insight...points awarded in a little lopsided way. A few for the ones who answered and the lion's share to the answer that pointed me in the right direction.
    0
     
    LVL 11

    Expert Comment

    by:WeHe
    the ip settings look ok.
    allways use static ips for servers and you feel free to use dhcp for your clients.
    but u have to deinstall the windows dhcp.
    if you configure it, it will prevent your clients to get addresses from the dhcp on the router.
    a dc should allways point to itself for dns server lookups!
    gateway is ok too.
    0
     
    LVL 6

    Expert Comment

    by:Casca1
    Personally, I would recommend turning off the DHCP on the router. No sense giving out information. Yes, it is a little difficult to get, but it is possible. Turning it off ensures the router can only tell about the IP address' it has. Paraniod, I know, but I run that configuration and remain reasonably secure.
    Additionally, you can set far more features for your clients from the Win server.
    However, you only want one server handing out address, so one of needs to go. 8-)
    Good Luck!
    0
     
    LVL 6

    Expert Comment

    by:Casca1
    Oh, and thanks for the score and grade! 8-)
    And, as a side note, that isn't the ONLY thing I use to secure my network, but then again, a multi-teired approch starts somewhere. ;-)
    0
     

    Author Comment

    by:AJPhelps
    Thanks all.  All is working well.  2nd DHCP has been removed and there are no problems/errors.

    -AJP
    0
     

    Expert Comment

    by:suninder_singh
    hi,

    there is the Typical setup for a first server wizard that is referenced by Microsoft;
    http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windowsserver2003/proddocs/entserver/typical_setup.asp

    if i like to setup my domain using that wizard and due to some reason i uninstall ADS and then i like to recall that wizard again then it not run or open.

    any body know what the problem is there is something is missing.
    0
     
    LVL 6

    Expert Comment

    by:Casca1
    Try posting a completely seperate question. This may seem related, but it's better to create your own question.
    0
     

    Expert Comment

    by:suninder_singh
    Thanks for sug. Mr casca1 but i m new in EE world. i do't have any idea how start new thread can u tell me the whole process step by step how to i put my Q in sep. form

    0

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    6 Surprising Benefits of Threat Intelligence

    All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

    So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
    Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
    In this Experts Exchange video Micro Tutorial, I'm going to show how small business owners who use Google Apps can save money by setting up what is called a catch-all email address in their Gmail accounts. By using the catch-all feature, small busin…
    This video is in connection to the article "The case of a missing mobile phone (https://www.experts-exchange.com/articles/28474/The-Case-of-a-Missing-Mobile-Phone.html)". It will help one to understand clearly the steps to track a lost android phone.

    933 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now