Title: Message
I've
never encountered a problem when naming the internal AD namespace the same as
the public internet domain name. As long as the internal DNS servers have no
contact with the name servers serving your external namespace you should be
fine. You should be creating very few
Title: Message
Highly
unlikely I would have thought. How would AD clients locate the DC for one
?
Ian
Moran
Konnexion Ltd
-Original Message-From: Deepa Kumthekar
[mailto:[EMAIL PROTECTED]] Sent: 13 November 2001
01:12To: [EMAIL PROTECTED]Subject:
[ActiveDir]
Below
are some snips of the code I use. What I have below needs to be dressed up
but you can see how I set the root or child domain when adding accounts and the
OU to add them too. I have vbs script setup to use command line switched
and all this is set when it is run.
HTH
Joe
Sargent
Title: dNSHostName
If you
decide not to change I'd suggest you take a look at the dnscmd tool. It
makes scripting DNS changes/additions very easy. We've got a similar setup
with
3
DNSboxes, one script modifies all 3.
just
something to look at
Damon
Erickson
-Original
My
domain runs fine without MS DNS. All I use is a DNS forwarder to my internet
provider.
-Ursprüngliche Nachricht-
Von:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Im Auftrag von Giovanni Bianchini
Gesendet: Dienstag, 13. November
2001 16:25
An: [EMAIL PROTECTED]
Betreff:
Is the machine logging into a local AD domain ? For AD to work properly (in
your case login authetication possibly) you would need DNS. It is possible
to configure a nonMS BIND 6.2 DNS server to handle object records that AD
requires, but I believe you can expect difficulty with no object
If the DC for a child domain went down, would a user from
the child domain still be authenticated by the parent DC or are they dead in
the water until the child DC came back?
�
They'd be
fine. Actually, it doesn't even have to be the parent domain, depending on
the structure of your AD.
-Original Message-From: Rogers, Michael J.
[mailto:[EMAIL PROTECTED]]Sent: Tuesday, November 13, 2001 11:14
AMTo: [EMAIL PROTECTED]Subject: [ActiveDir]
Child
That is very cool.
Ours is very basic. We have 2 DCs in the parent and 1
DC in the child. I am trying to
decide if I need to add another DC in the child and I guess that answers my
question. We will be authenticating
about 1500 users in the child domain.
-Original Message-
Hi Guys,
I have a little problem over here. I am migrating a network from windows
nt to windows 2000, so what i did was did, i got a desktop machine and
installed nt server on the machine as a backup domain controller, i then
changed the ip address range then promoted it to a primary domain
I hate to p1ss on everyone's fire here, but 1500
users on one machine strikes me as 'all my eggs in one basket' routine. Yes W2K
can handle this number of users yet -
If you have 1 DCin a child domain this is
unlikely to be a GC because you haven't split the infrastructure master fsmo
onto
The first DC in your windows 2000 AD takes the Global Catalog role by
default. It also takes the 5 FSMO roles. Sounds like you removed
active directory from the first DC before you transfered all these roles
to the new server. Check out the article Q223787 and see if that helps.
You will also
Another
considerationDepending on what type of clients the users are being
authenticated from.Down level
clients such as nt4, and win98 rely on traditional ntlm authentication as opposed to kerberos, andI believe these
down level clientswillbe at a disadvantage in the scenario
you
You need to have at least 2 DC in the
child. Since only the Domain controllers in a domain have the Domain Partition
of AD, if the child DC goes down that whole domain is down. Only the Schema and
Configuration partitions replicate throughout the forest.
-Original Message-
When you demoted the DC it should have transferred all of the Roles to
the other server. You will need to manually configure the server as a
GC. Do this through the AD sites and services MMC. Once in the MMC go
into the default site -- servers -- select the server -- right click
on NTDS settings
15 matches
Mail list logo
