RE: [ActiveDir] Authoritative Domain Problem

[Edwin]

Our public nameserver is running Linux and we could enable it for use on the DC but that would mean we would have to punch a hole in the firewall.  But putting a hole in the firewall is not something that will be approved.   Doing something with ADSI programming seems to be the only logical solution at this point but my experience just doesn’t take me there yet.  I am doing a lot of reading now but need a quicker solution.  I would think that M$FT had some kind of tool already that would query a remote nameserver and import those setting for a domain.  Would I be correct?  If not, M$FT, does anyone know of another tool maybe from a 3rd party developer?   -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Coleman, Hunter Sent: Wednesday, March 10, 2004 9:47 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Authoritative Domain Problem   Since your DC (rightly) believes it is authoratative for mycompany.net, it won't matter what you have set up for forwarding. Any request coming to your DC for resolving *.mycompany.net is going to get answered by the DC. It will either return the requested information or say that the information doesn't exist.   What you'll need to do is manually add in the records for the daily accessed servers. Or, if those servers are joined to your Win2k3 domain and you have dynamic DNS enabled, the servers can register themselves.   As a sidenote, take a look at http://support.microsoft.com/default.aspx?scid=kb;en-us;255134. Not sure if this has changed for Win2k3, but definitely worth following up.   From: Edwin [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 10, 2004 7:00 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Authoritative Domain Problem I have my DC setup as a DHCP Server as well as a DNS Server.  I work for a company that has public DNS records (mycompany.net) that are used to reference servers that are accessed daily.  I setup the DC to use mycompany.net as the domain name and now I am having troubles resolving DNS for these daily accessed servers.  So for example, if I needed to access a server I would normally reference it by calling servername.mycompany.net.  I should have used a 3rd level domain for the DC but that is too late to argue about or change now.   Since I have Win2K3 as my DC I tried to do a domain rename.  As I started reading the documentation, I quickly learned that I could not do this because the client machines already on the DC are running Win2K Professional ( easy fix ), but more importantly the MS Exchange Server we have online would not support the domain name change.  Therefore, because of the Exchange server I could not risk performing this task a second time since the Exchange Server was just recently moved to this new domain in question and I received a lot of grief because of the migration process.   So here is my question.  Is it possible to have the DNS server of the DC forward an authoritative request to a public nameserver?  I have tried doing this by configuring the "Forwarders" tab under the DNS propertied without success.  The workaround being used right now is to change the DHCP server order by having the public nameservers listed first and then the DC DNS server listed last. This of course doesn't sound like a good solution.   If forwarding is not an option, then is it possible for the internal DC DNS server to query the external public nameserver and then pull the data that it does not currently have?  If so, can you please lead me in the right direction?   I hope that I have made my question clear.  If anyone is able to help, I will be more than happy to answer any and all questions that I can.