I'll get DNS installed. Can I point the Domain DNS to the Netgear and then out of the building. If I make the DC the only DNS server the other workgroup machines will lose the Internet and I need the rest to stay connected. The Domain will depart my house in a few days when I get a couple more workstations built.
On Jan 20, 2008 2:33 PM, NTSysAdmin <[EMAIL PROTECTED]> wrote: > > DNS is a required service for Active Directory. You need to configure a > windows DNS server and load your domain zone. > > > > S > > > > *From:* Len Hammond [mailto:[EMAIL PROTECTED] > *Sent:* Sunday, January 20, 2008 3:29 PM > *To:* NT System Admin Issues > *Subject:* Re: permissions problem > > > > > > Yes, I had checked those first and no firewalls are up between the > two servers or on either of the servers. The servers are on the same subnet > with the same DNS server IP. There are no problems pinging from any box to > any other box on the network by name or IP regardless of domain or workgroup > membership. > > > > As I am building this in my home prior to delivering this to the > organization that it is intended for, all machines in this domain, > (currently 1 DC, 1 member server and 1 workstation) are on the same subnet. > And currently the DHCP and DNS are being handled by my Netgear > Firewall/Router. All three of these machines along with my personal > workstation, my wifes workstation, my son's workstation and my laptop are on > the same subnet - all receiving DHCP from the Netgear device. This being a > Netgear WGT624, the default config for the WGT is to deliver it's internal > IP address as both DHCP and DNS server IP addresses. Currently I can ping > all networked workstations in the house by name and by address regardless > that my personal workstation, my wife's workstation and my laptop are in one > workgroup, my son's workstation in another workgroup and the two servers and > one workstation in the same Domain. All computers can surf the web without > problems. > > > > The network that these units are headed for also has DHCP and DNS served > by the Linksys firewall/router installed there. I had kind of planned to at > least move DHCP to the Domain Controller and was thinking about the DNS as > well, but had not made my mind up yet on that. They are not hosting and > e-mail or web stuff there, that is done outside so having to split DNS > between inside and outside stuff should not be needed. As least as I > understand it right now. > > > > Thanks for making me cover the basics in the post > > On Jan 20, 2008 1:01 PM, Jon Harris <[EMAIL PROTECTED]> wrote: > > > > Have you checked to see that there are no firewalls up? Does the DC also > have DNS/DHCP running? Are both machines in the same subnet? You said > anything but these are usually the things that occur first when doing any > testing. > > > > Jon > > On Jan 20, 2008 12:56 PM, Len Hammond <[EMAIL PROTECTED]> wrote: > > > > It's a brand new domain and I have made NO policy changes to the DC. I > have enabled several services that I always enable like Messenger and > Alerter services so that users can get print job completion notices and such > but that is all of the chnages made. I didn't remember making any changes > to the other domains I created to get this to work. In this domain I have > set the Admin password to the member server the same as the password to the > admin account for the domain and there might be some kind of confusion in > the member server over that. After lunch today I will change the Admin > password in hte domain and see if that make any changes and lets me do what > I need to do. Keep the ideas coming - I'll try just about anything at this > point. > > Thanks for the thoughts > > Len > > On Jan 20, 2008 11:08 AM, Steve Pruitt <[EMAIL PROTECTED]> wrote: > > > > I don't think there's anything special needed - the default configuration > should allow what you want. You should see what groups your account is in, > what's in the local administrators group on the second machine, what GPOs > apply, and review anything else you might have configured. > > > > Steve > > ----- Original Message ----- > > *From:* Len Hammond <[EMAIL PROTECTED]> > > *To:* NT System Admin Issues <ntsysadmin@lyris.sunbelt-software.com> > > *Sent:* Sunday, January 20, 2008 8:49 AM > > *Subject:* Re: permissions problem > > > > > > I was using a Domain Admin Account. Although the local admin account does > exactly the same thing. I'm thinking that I missed something in the setup of > the DC - like enabling something in policy that would let a Domain Admin set > things on member servers. I must not be googling for the right keywords > because this should not be this obscure to find the solution to. It can't be > that hard as I've done it for another scratch built domain a couple of years > ago. I just can't seem to remember what it was. <scowls at self> > > > > Len > > > > Was it something about delegation of authority? on the DC? > > Len > > On Jan 19, 2008 10:32 PM, Steve Pruitt <[EMAIL PROTECTED]> wrote: > > > > Are you using a domain admin account or a local admin account on the > second server? That sounds like a local account, though I haven't tried > doing that. > > > > Steve > > ----- Original Message ----- > > *From:* Len Hammond <[EMAIL PROTECTED]> > > *To:* NT System Admin Issues <ntsysadmin@lyris.sunbelt-software.com> > > *Sent:* Saturday, January 19, 2008 10:23 PM > > *Subject:* permissions problem > > > > > > Hi people, > > > > Been off the list a while. My corporate gig ended a while back and now I'm > doing some freelance stuff while looking for another permanent position. > But now I have a problem with a new domain I'm setting up for a small > non-profit. > > > > Background: > > New domain (they are peer to peer until I get the new domain built > and installed) > > New DC (HP dl380) - Server 2003 - file & print shares > > New database member server (HP dl360) - Server 2003 - small database > program and a couple of small, low usage file shares. > > One XP workstation > > > > Problem: for some reason I can't set domain permissions on the member > server shares. When attempting to set permissions the only item in the list > is the member server name, the DC server name is not listed and the > 'location' selection button and selection line is not accessible and cannot > be changed from the member server name to the domain name. > > > > The member server *is* a member of the domain. I even tried removing the > member server and adding it back to the domain without success. It has been > a long time since I set up a new domain with more than one server so maybe > my feeble memory is forgetting a step in the setup. My googling has not > turned up an answer yet. Could someone kindly refresh my memory? > > > > Thanks > > > -- > Len Hammond > Hammond Enterprises > [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > -- > Len Hammond > Hammond Enterprises > [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > > -- > Len Hammond > Hammond Enterprises > [EMAIL PROTECTED] > > > > > > > > > > > > -- Len Hammond Hammond Enterprises [EMAIL PROTECTED] ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
