Solved

DNS question adding a windows svr03 to sbs

Posted on 2008-09-30
13
315 Views
Last Modified: 2012-05-05
Hi
I have a quick question regarding adding my remote windows 2003 server to my sbs domain.
I know when I add the remote server to the sbs domain I have to set the remote servers Primary DNS to point to the SBS server (10.13.1.10).. does this is always stay the sameall the time? My main concern is that how my users in the remote network are going to connect to the internet, because at the moment I have set the DNS servers that my isp gave me in the forwarders sections in DNS. Also in my remote office my router looks for the server to handle the dns quries. Once I add the remote server to the sbs domain, my remote network wont try to look for sbs domain to handle its internet will it? Sorry for the stupid questions but its my first time in doing this.
0
Comment
Question by:Dan560
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
  • 3
13 Comments
 
LVL 70

Expert Comment

by:KCTS
ID: 22606915
Two options - once you have installed DNS on the new server an set your clients up to use it you can?

1. Set up frowarders on the new DNS server to point directly to the internet servers (as you have with the SBS server

2. 1. Set up frowarders on the new DNS server to point to the SBS server (and then that will use its forwarder to the internet.
0
 
LVL 23

Expert Comment

by:ormerodrutter
ID: 22606963
Set primary DNS pointing to your SBS and in SBS setup the forwarders given by your ISP. All internet traffic will be handle by the SBS first and if it fails to resolves the address it will send your requests to the ISP's DNS. Just like what you would do using the SBS server on its own.
0
 
LVL 70

Expert Comment

by:KCTS
ID: 22606975
I've just re-red the question:
I am assuming that you are manking the new server an additional domain controller ? If you set up a remote server, then you should initially point it at the SBS server for its DNS.  Once you have made it a DC, then you need to install DNS on it

Once you have installed DNS on the new server, then you should change its settings so that it uses itself as the preferred DNS server and the SBS server as an alternate DNS server. the you should either

1. Set up frowarders on the new DNS server to point directly to the internet servers (as you have with the SBS server
OR
2.  Set up frowarders on the new DNS server to point to the SBS server (and then that will use its forwarder to the internet.


0
[Live Webinar] The Cloud Skills Gap

As Cloud technologies come of age, business leaders grapple with the impact it has on their team's skills and the gap associated with the use of a cloud platform.

Join experts from 451 Research and Concerto Cloud Services on July 27th where we will examine fact and fiction.

 
LVL 2

Author Comment

by:Dan560
ID: 22607100
Sorry I forget to mention it, yes I do want the remote server to be a 2nd DC..So when I'm adding the server to the domain I need my primary DNS to be pointing to the sbs server? and then when I want to run dcpromo do I need to change the servers DNS to point to itself? And then in DNS setup the forwarders on the remote server that my ISP gave me?
0
 
LVL 70

Accepted Solution

by:
KCTS earned 500 total points
ID: 22607142
Yes point the server to the SBS server for its DNS to begin with. DCPROMO it to make it a DC, then add DNS. Once DNS has replicated (it will replicate automatically once installed), then change the preferred DNS server setting to it points at itself (and to the SBS as alternate). then set up the forwarders.
0
 
LVL 70

Expert Comment

by:KCTS
ID: 22607175
BTW its also a good idea to make the new DC a global catalog: Go to Administrative Tools, Active Directory Sites and Services, Expand , Sites, Default first site and Servers. Right click on the new server and select properties and tick the Global Catalog checkbox. (Global catalog is essential for logon as it needs to be queried to establish Universal Group Membership)
0
 
LVL 2

Author Comment

by:Dan560
ID: 22607232
Thanks KCTS, yep I was going to do that, there are few things with sites and services that I need to configure anyway.
One last question though, I'm going to setup user profiles on the remote server, and use it as a file sharing server for the few users that work under that network. The two servers wont replicate the shared folders will they?
And also do you know from personal experience whether having a 2nd DC accross a vpn uses alot of bandwidth?
0
 
LVL 23

Expert Comment

by:ormerodrutter
ID: 22612328
I read articles saying running TS on a DC will seriously compromise security and might have issues. I think thats about allowing user(s) to logon locally on a DC isn't a very good idea. And thats probably why they took TS away from SBS and only allow 2 concurrent admin connections.

http://www.msterminalservices.org/articles/Securing-Windows-Terminal-Services.html

So unless absolute necessary I wouldn't recomment promoting a TS server to a DC, or set a DC to become a TS server.

In answering the last question from Dan - No having 2 DCs across a VPN do not use much bandwidth. AD replication only replicate "changes" and i don't think your AD will be changed that often? Beside you can always schedule the replication windows, i.e. time to replicate. You can only allow replicatioin to be occurred once an hour or even less frequent than that.
0
 
LVL 2

Author Comment

by:Dan560
ID: 22612406
Yeah Its not a good idea to have TS on a DC, I agree,I've managed to lock it down quite alot via group polic thanks for your advice.
0
 
LVL 70

Expert Comment

by:KCTS
ID: 22612485
I have to agree with the recommendation that you don't make the TS server a DC - the users are effectivly logging on locally to the DC so there is a limit with what you can do with policies and the like (which is why its not recommended  - and actually prohibited on an SBS sever
0
 
LVL 2

Author Comment

by:Dan560
ID: 22612518
Terminal server would be running on the 2nd DC..so it would be on the windows 2003 standard which has been running as TS for a while. Its only one user, is this still a problem if I carry on using the windows 2003 server as a TS?
0
 
LVL 23

Expert Comment

by:ormerodrutter
ID: 22612557
If you only have ONE user why not set him up RWW on the SBS?
0
 
LVL 2

Author Comment

by:Dan560
ID: 22612593
Well we have one of those basic thin client terminals, so she has been using remote desktop, Will it really kick up a fuss if I carry on doing this? I'm not connecting to SBS remotley, but your saying it won't like it?
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A lot of problems and solutions are available on the net for the error message "Source server does not meet minimum requirements for migration" while performing a migration from Small Business Server 2003 to SBS 2008. This error pops up just before …
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question