We have a customer with an SBS 2003 domain at head office and 7 Win 2003 Standard member servers at branch offices connected through a VPN.
Each member server is acting as local DC and DNS.
Each branch site has a unique IP subnet, and these are correctly set up in AD Sites and Services.
Generally things work fine - however, there are intermittent group policy errors in the member server logs - Event 1058 - and sometimes users are unable to find local printers in the directory. There are no DNS errors logged.
So I just want to double check that we've got DNS set up correctly.
All servers point to themselves as primary DNS with no secondary. And all servers have the ISP's DNS servers set up as forwarders. All client computers are assigned the local DNS server by DHCP - no secondary.
DNS on each server is AD integrated and set to replicate with all other servers in the domain.
Should the member servers have the SBS machine as a forwarder in DNS? Or is that dealt with by the AD replication?
Should each server have another server in the domain as secondary DNS?
Should Zone Transfers be enabled on the SBS machine?
Or is everything set as it should be?