sirbounty

Active Directory on W2k3 - DNS? help

Hi all - I have been tossed into a situation where we have a single domain controller (W2k3) that was installed and configured without DNS.  The short of it is, this site has been using hosts files since they were a 10 user office and for whatever reason continued to use them.  Now that we have a temporary (and yes, this will all be gone in about 4-6 weeks) solution in place, I've some concerns on the way it was configured.  
I 'thought' DNS was a mandatory process when configuring AD - apparently not, as the consultant that set it up got around it.

So, I'm toying with the idea of setting up both DHCP & DNS on this server (yes, they were also using and still are, static IPs - 300+ clients).  However, DNS in an AD environment is something I haven't really spent much time with.

From your expert experiences, can I get some opinions/advice on setting this up?

A) Is it worth it, since we'll be moving to a stable environment beginning next week, with potentially 1/3 of the office and continuing for 3-6 weeks after (depending on each wave's success)?
B) How hard would it be to do so?  DNS has always been a weak point of mine and I'm concerned that I might screw something up! :)
C) Other than touching all 300+ systems again (and this includes some VPN users) - how can we easily/automate the process of switching them over to dynamic IP?

They currently use their provider's DNS servers for internet access.  They have several in-house servers right now.  I've removed all client entries from the hosts files via a login script - but is that enough?

100 points per bullet above.  If I decide to move forward, I'll open a new thread on actually installing it... Thanx.
ASKER CERTIFIED SOLUTION
lapukman

sirbounty

ASKER

Sadly, it IS using hosts and no, no DNS was installed, nor being used - at least from what I can tell.  I didn't think this was possible and I know everyone agrees with me - but perhaps it's different with W2k3?

It's a class B: 10.10.x.y

Problem with using login script - is obviously the difference in local interface references, and the fact that some machines are still not, for whatever reason, running them (I think this is mostly VPN users though).  The problem with the netsh batch file is that they could potentially have a server somewhere down the line, 10.10.100.12 that doesn't sit within the 'normal' client range.  This is the most wacked network I've ever seen - you really have to see it to believe it...<sigh>...

Thanx guys - I'll read thru the articles and post back...
SoyYop

Maybe you can start isolating the servers on a fixed range. You may want them to have fixed IPs, anyway.

You can create a new hosts file, update servers IP, and use the same for /l to copy an updated hosts file, like

for /L %t ...... copy hosts \\10.10.100.%t\admin$\system32\drivers\etc
for /L %t ...... copy hosts \\10.10.101.%t\admin$\system32\drivers\etc
...

etc.

Then move to use DHCP. If you have subnets... you may need to add DHCP servers there and block the ports on routers.

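An added example, not part of the original thread: before pushing a new hosts file as described above, this Python script audits an existing one, keeping server entries, dropping client entries, and flagging names that map to more than one address. It matters because Windows clients consult the hosts file before DNS, so leftover entries keep overriding DNS once it is introduced. The server range 10.10.100.0/24 and every host name in the sample are assumptions made up for illustration.

```python
import ipaddress

# Constructed sample hosts file; names and addresses are made up.
SAMPLE_HOSTS = """\
# legacy hosts file
127.0.0.1      localhost
10.10.100.12   fileserver1 fs1   # server outside the usual client range
10.10.100.13   dc1
10.10.4.57     jsmith-pc
10.10.4.58     front-desk
10.10.100.14   dc1               # conflicting second address for dc1
"""

# Assumption: servers are being consolidated into this fixed range.
SERVER_NET = ipaddress.ip_network("10.10.100.0/24")


def parse_hosts(text):
    """Yield (ip, [names]) per entry, ignoring comments, blanks and bad lines."""
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            yield ipaddress.ip_address(fields[0]), fields[1:]
        except ValueError:
            continue  # first field is not a valid IP address


def audit_hosts(text, server_net=SERVER_NET):
    """Return (keep, drop, conflicts): loopback and server entries to keep,
    client entries to drop, and names that resolve to several addresses."""
    keep, drop, seen = [], [], {}
    for ip, names in parse_hosts(text):
        target = keep if ip.is_loopback or ip in server_net else drop
        target.append((str(ip), names))
        for name in names:
            seen.setdefault(name.lower(), set()).add(str(ip))
    conflicts = {n: sorted(a) for n, a in seen.items() if len(a) > 1}
    return keep, drop, conflicts


def render_hosts(entries):
    """Render kept entries back into hosts-file text."""
    return "".join(f"{ip}\t{' '.join(names)}\n" for ip, names in entries)


if __name__ == "__main__":
    keep, drop, conflicts = audit_hosts(SAMPLE_HOSTS)
    print(render_hosts(keep), "dropped:", drop, "conflicts:", conflicts)
```

Resolve any reported conflicts by hand before distributing the rendered file, since the script keeps both addresses rather than guessing which one is current.
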
This all sounds like too big an undertaking with this network and the limited amount of time we have left on it.
Sad part is that the IS folks that have worked this network for years apparently don't know how it's configured, so I'd be fearful something would get left out or overlooked and generate more trouble than not.
I am actually surprised it is working without DNS - I learned something new this go around.
But anyway - I thank you all for your insight and encouragement.