Kern, Tom wrote:
they really should delegate you authority for your AD zone and these issues will go
away.
Not really. We still would have a shared IP address space so reverse
lookups in AD would still be disabled and would have to be manually
registered in the campus DNS system. There really isn't a good way to
do it in environments like ours. Luckily Microsoft has realized that
and added appropriate configuration/policy options.
point your dns server from your child domain to the root as a forwarder or pull down a
secondary copy of the root AD domain would be even better.
until then or if then, maybe if you fiddle around with your dns properties on the dc's network adapter. like uncheck "append parent suffixes of the primary dns suffix"
I'm pretty sure the problem has to do with the server thinking it has
two names. It probably happened during the initial dcpromo when it was
pointing to two different dns systems. (btw, this is a single
forest/single domain) Either way, its going to be a pain to correct so
I'm just going to recommend that they join our central forest which is
properly configured.
Thanks for the suggestions!
- Robbie
--
Robbie Foust, IT Analyst
OIT/CASI - Administrative Information Support
Duke University
List info : http://www.activedir.org/mail_list.htm
List FAQ : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
