Solved

DNS Setting for Domain controller

Posted on 2014-02-18
12
444 Views
Last Modified: 2014-02-21
Have a small domain and needed a hurry up domain controller installed.

Running well enough but routinely run into issues with public and domain name resolution.

I'm sure I never set the forwarding for the public DNS on the controller right.  Any good checklist reviews for verifying my set up and what i may have done wrong/missed?

This is a Windowss 2008 server...
0
Comment
Question by:VirtualKansas
  • 8
  • 3
12 Comments
 
LVL 16

Expert Comment

by:gurutc
ID: 39868477
Hi,

Which computers are having the public/private issues?  The client pcs?  the server?  Are you using DHCP coming from the Domain Controller?

- gurutc
0
 

Author Comment

by:VirtualKansas
ID: 39868528
The client PC's.  It's been nearly a year since I set up this network, so not positive where DHCP is, but it appears its not on the DC.  

This is a really strange network because we have field offices that are tunnel VPN'ed to HQ and really strange in that no one is really ever in the HQ office.  So field offices come & go and there is a lot of tunnel and other VPN that consumes these services.
0
 

Author Comment

by:VirtualKansas
ID: 39868532
I think I may simply failed to take the time to set up forwarders in the DNS of the DC's for public name resolution.  Chicken & egg problem; field offices got set up before there was ever a domain.
0
 
LVL 16

Expert Comment

by:gurutc
ID: 39868538
deal, nothing configured on the adapters for public resolution, right?

sounds like you're ciphered.

- gurutc
0
 

Author Comment

by:VirtualKansas
ID: 39868551
OK; I'm at HQ office in proximity of a back up DC.  The primary believe it or not is in a field office.  The back up DC is set for primary DNS as a loop back and secondary as the PDC.  No public DNS on this adapter.
0
 

Author Comment

by:VirtualKansas
ID: 39868561
OK; checked PDC and same.  1st lookup is self, 2nd is another DC.
0
Save on storage to protect fatherhood memories

You're the dad who has everything. This Father's Day, make sure your family memories are protected. My Passport Ultra has automatic backup and password protection to keep your cherished photos and videos safe. With up to 3TB, you have plenty of room to hold the adventures ahead.

 
LVL 16

Expert Comment

by:gurutc
ID: 39868562
yes sometimes that'll do the trick if you've got a public DNS anywhere.

- gurutc
0
 

Author Comment

by:VirtualKansas
ID: 39868572
don't think i have a public dns anywhere
0
 

Author Comment

by:VirtualKansas
ID: 39868583
so kind of jack of all master of none, here; do i need to add a forwarder for public dns?  is that my loose end?
0
 

Author Comment

by:VirtualKansas
ID: 39868909
yes; definitely need help.  Certain external dns not resolving when in the HQ LAN.  Forwarder?
0
 
LVL 18

Accepted Solution

by:
Sarang Tinguria earned 500 total points
ID: 39870117
Refer Below link for DNS best Practices...


How we should Configuere DNS on our DC :-->

Every DNS server should Point to its own IP as a primary DNS and DNS located in remote site as a secondary DNS in TCP/IP properties
All the unused NIC's to be disabled
Valid DNS Ip from ISP to be configuered in DNS forwarders Do not configuere local DNS in forwarders
Public DNS IP's Should not be used at any NIC Card except Forwarders
Domain Controllers should not be multi-homed
Running VPN server and RRas server makes the DC multihomed refer http://support.microsoft.com/default.aspx?scid=kb;en-us;272294


If anything above is incorrect please correct it and run "ipconfig /flushdns & ipconfig /registerdns " and restart DNS service using "net stop dns & net start dns"

DNS best practices
http://technet.microsoft.com/en-us/library/cc778439(v=WS.10).aspx

Checklist: Deploying DNS for Active Directory
http://technet.microsoft.com/en-us/library/cc757116(v=ws.10)

DNS Arguments

http://blogs.technet.com/b/askds/archive/2010/07/17/friday-mail-sack-saturday-edition.aspx#dnsbest


http://abhijitw.wordpress.com/2012/03/03/best-practices-for-dns-client-settings-on-domain-controller/
0
 

Author Closing Comment

by:VirtualKansas
ID: 39877282
I'll take this as the best answer.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now