• Status: Solved

Configure a new W2000 domain to join as a child domain to a w2003 domain across a Cisco 2611 router

Hi.

I am trying to set up a new child domain on a Dell PowerEdge 4100 server running W2000 Advanced Server to join an existing W2003 domain across a 2611 router.
The setup I have is as follows:
A Dell server built as a standalone W2000 Advanced Server with no WINS, DNS, DHCP etc. and not a member of any domain.
A home-built server running Win2003 Server running AD, DNS, WINS as a DC of my root domain.
Another home-built server running W2000 as a second DC in my root domain.
A Cisco 1900 switch which my two DCs are connected to.
This switch then connects to my Cisco 2611 router in int e0/0.
A connection from int e0/1 to a Linksys switch.
A connection from the Linksys switch to my Dell server that I am trying to join to the main domain as a child domain.

I can ping by IP address to all the servers across the router but cannot ping by name unless I add the details to each lmhost/host file on the servers (which doesn't help with the main problem), and I can ping by name from the router.
When I run dcpromo on the Dell server it runs OK until it tries to connect to the existing domain, when I get the error message:
The domain +++++++ is not an active directory domain or an active directory domain controller for the domain cannot be contacted!! I am using the EA account for this.
Could the problem be with the router (config added below), DNS on my W2003 server or the Cisco 1900 switch?


sh run
Building configuration...

Current configuration : 892 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname ======
!

!
ip subnet-zero
!
!
ip host edinburgh 192.168.2.100
ip host southampton 192.168.0.100
ip name-server 192.168.0.100
!
!
!
!
interface Ethernet0/0
 ip address 192.168.0.149 255.255.255.0  (Main Domain 192.168.0.100 controller)
 full-duplex
!
interface Ethernet0/1
 ip address 192.168.2.149 255.255.255.0  (New Child Domain 192.168.2.100 controller)
 full-duplex
!
router rip
 redistribute connected
 network 192.168.0.0
 network 192.168.2.0
!
router igrp 1
 redistribute connected
 network 192.168.0.0
 network 192.168.2.0
!
ip classless
ip http server
!
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipx permit
route-map route permit 10
!
snmp-server community r RO
snmp-server enable traps tty
!
line con 0
line aux 0
line vty 0 4
 password =======
 login
!
end

Router#
I have tried adding a new subnet into the existing DNS and adding WINS, but nothing seems to work.

Please can somebody steer me in the right direction.

Many Thanks
Asked by: leejcooper

lrmoore Commented:
Try this on the router:

interface Ethernet0/0
 ip helper-address 192.168.2.255
!
interface Ethernet0/1
 ip helper-address 192.168.0.255

markgrinceri Commented:
Firstly, this is a DNS problem which would occur even if you didn't have a Cisco router in the middle. For an AD install, it's so important to have DNS working properly. Pinging using a name from the router is working because you have a statically defined hostname to IP address. lrmoore is right in using ip helper-address as that passes DNS UDP packets. I would only add to that: add in global config

ip name-server x.x.x.x (ip address of DNS server)

and then try to ping using a name from the router, after removing the statically defined hostnames.
 
joedoe58 Commented:
Yes, markgrinceri is right: you have to have DNS queries pass without problem between the servers to be able to do a dcpromo, and you have to find where UDP 53 is blocked.
 
lrmoore Commented:
Just to clarify a couple of things...
Agree that it is a name resolution problem. However, the router does NOT block any IP packets, only the NetBIOS broadcasts on UDP 137/138. Enabling "ip helper-address" opens up those two protocols to allow broadcast.
DNS is NOT blocked at all.
Adding the "ip name-server" command to the router has absolutely no value. It is only used by the router itself from the command line. It is of no use to the networks on either side of it.

Some references that might help


How Browsing a Wide Area Network Works (across router boundaries):
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q117633&

How to troubleshoot DNS name resolution on the Internet in Windows Server 2003
http://support.microsoft.com/default.aspx?scid=kb;en-us;816567

WIN2K
Windows 2000 server with Active Directory doesn't use NETBIOS for name resolution.

Windows 2000 DNS - Diagnosing Name Resolution Problems
http://www.microsoft.com/windows2000/techinfo/reskit/en-us/cnet/cncf_imp_zvri.asp
http://support.microsoft.com/default.aspx?scid=kb;en-us;316341

Windows 2000 DNS - Solving other common DNS problems
http://www.microsoft.com/windows2000/techinfo/reskit/en-us/cnet/cncf_imp_ibxf.asp
