  1. #1
    Star Lounger
    Join Date
    Jan 2001
    Location
    Wilmington, NC
    Posts
    52

    AD and DNS Server on same machine?

    I'm trying to install 2K Server on a small network, and recently ran across a warning not to put AD, the domain controller and DNS all on the same machine.
    Any advice or pointers?

    TIA

  2. #2
    2 Star Lounger
    Join Date
    Apr 2001
    Location
    Des Moines, Iowa
    Posts
    180

    Re: AD and DNS Server on same machine?

    Can you tell us where you got this advice? I don't mean to be rude, but that's dead wrong. When you dcpromo, the DNS server is installed. You will need to set your DNS client on that machine to point to the DNS server on that machine. AD will not work correctly otherwise.

    Perhaps the advice was to not have all your clients hammer the DNS server on the AD domain controller?

  3. #3
    Star Lounger
    Join Date
    Jan 2001
    Location
    Wilmington, NC
    Posts
    52

    Re: AD and DNS Server on same machine?

    Hi Dean, Thanks for responding.
    I got the advice from Minasi.com newsletter #7.
    I usually consider Mark Minasi on par with God when it comes to Win 2k, but this one has really got me bugged. Here's his exact text:
    ++++++++++++++++++++++++++++++++
    Running Active Directory in a Single-Server Environment Causes Deregistration Errors
    Intrigued by a reader letter, I built a simple AD for testing purposes with just one server. That server acted as the sole DNS server and domain controller (as well as the sole server of any kind, file and print included) for an Active Directory-based domain. I then got a Netlogon error like this one in the Event Viewer, referring to an event ID 5775:

    Deregistration of the DNS record '_ldap._tcp.gc._msdcs.win2ktest.com. 600 IN SRV 0 100 3268 dun.win2ktest.com.' failed with the following error: DNS bad key.

    I was surprised to find an article in Microsoft's Knowledge Base (Q252695) that says that dynamic DNS sometimes can't register or de-register DNS records on a system which is an AD domain controller, a global catalog server, the dynamic DNS server for that domain, and that refers to itself for name resolution (in other words, if you were to look in the "DNS server addresses" box in the Advanced TCP/IP settings for that system, you'd see that it refers to itself).

    That sounds like a fairly significant problem for small offices. In fact, it kind of makes me wonder how they're going to get Small Business Server 2000 to work in that case -- if it's anything like the current product, it might not even allow any other servers. Anyway, a word to the wise for small users of 2000 and AD is, I guess, "don't use 2000 unless you've got a second server."
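
The event text quoted in the post above carries a full SRV record, so it can be parsed and compared against what the zone actually holds. The following is an added example, not part of the thread: the zone contents are constructed sample data, and the "Registration" form of the message is assumed to mirror the quoted "Deregistration" one.

```python
import re
from typing import NamedTuple

class Srv(NamedTuple):
    owner: str
    ttl: int
    priority: int
    weight: int
    port: int
    target: str

    def key(self):
        # Identity of the record; TTL is ignored when comparing.
        return (self.owner, self.priority, self.weight, self.port, self.target)

EVENT_RE = re.compile(
    r"(Registration|Deregistration) of the DNS record '([^']+)' "
    r"failed with the following error:\s*(.+?)\.?\s*$", re.S)

def parse_srv(text):
    """Parse 'owner ttl IN SRV priority weight port target' (zone-file order)."""
    f = text.split()
    if len(f) != 8 or [x.upper() for x in f[2:4]] != ["IN", "SRV"]:
        raise ValueError(f"not an SRV record: {text!r}")
    return Srv(f[0].lower(), int(f[1]), int(f[4]), int(f[5]), int(f[6]), f[7].lower())

def parse_event(message):
    """Return (action, record, error) from a Netlogon event message, or None."""
    m = EVENT_RE.search(message)
    if m is None:
        return None
    action, record, error = m.groups()
    return action, parse_srv(record), error

def triage(action, record, zone):
    """Compare the record named in a failed (de)registration with the zone."""
    present = record.key() in {r.key() for r in zone}
    if action == "Deregistration":
        return "stale: still published" if present else "consistent: already gone"
    return "consistent: published" if present else "missing: not published"

# Event text as quoted in the thread (event ID 5775).
EVENT = ("Deregistration of the DNS record '_ldap._tcp.gc._msdcs.win2ktest.com. "
         "600 IN SRV 0 100 3268 dun.win2ktest.com.' failed with the following "
         "error: DNS bad key.")
# Constructed zone contents for illustration only.
ZONE = [parse_srv("_ldap._tcp.gc._msdcs.win2ktest.com. 600 IN SRV 0 100 3268 dun.win2ktest.com."),
        parse_srv("_ldap._tcp.win2ktest.com. 600 IN SRV 0 100 389 dun.win2ktest.com.")]

if __name__ == "__main__":
    action, rec, err = parse_event(EVENT)
    print(action, rec.port, err, "->", triage(action, rec, ZONE))
```

Port 3268 in the record is the global catalog LDAP port, which is why the owner name sits under `gc._msdcs`.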

  4. #4
    2 Star Lounger
    Join Date
    Apr 2001
    Location
    Des Moines, Iowa
    Posts
    180

    Re: AD and DNS Server on same machine?

    I too have a high regard for Minasi's material. In fact, I learned most everything I know of MS servers from reading his books.

    I run Win2k on my small network (~50 users). We have two servers both running AD and therefore DNS server. I don't know exactly what to suggest. The newsletter #7 is rather outdated (Sep 2000). Perhaps this has been fixed in SP2 or post SP2 patches. You could just email him your question: help@minasi.com.

  5. #5
    Star Lounger
    Join Date
    Jan 2001
    Location
    Wilmington, NC
    Posts
    52

    Re: AD and DNS Server on same machine?

    I've Emailed him this... I love that he answers, but sometimes it takes a while. I'll post here again when/if he responds. My network is smaller than yours by nearly an order of magnitude, and I'd hate to sacrifice another box to serving.

  6. #6
    Plutonium Lounger
    Join Date
    Nov 2001
    Posts
    10,550

    Re: AD and DNS Server on same machine?

    My home network has a single Windows 2000 server running all the services I need, including DNS and AD.

    The only issue I have with this setup is that every time I boot it logs a single Event 5781, doesn't seem to do any harm and the linked article shows how to cure it.

    StuartR

  7. #7
    2 Star Lounger
    Join Date
    Apr 2001
    Location
    Des Moines, Iowa
    Posts
    180

    Re: AD and DNS Server on same machine?

    Not to mention the cost of licensing another Win2k server which probably costs just as much as the hardware it runs on. Have you thought about maybe running a freeware DNS? There are many Linux distros that do this very well and can run on a 486 (for DNS only). Perhaps your ISP will DNS for you (far from best solution)?

  8. #8
    Star Lounger
    Join Date
    Jan 2001
    Location
    Wilmington, NC
    Posts
    52

    Minasi Speaks

    Good idea about the freeware DNS.
    Here's what Mark Minasi Emailed me today:
    In actual fact, it doesn't seem to be that big a deal. Mostly cosmetic, actually. If you want to do something about it then just restart the Netlogon service, that seems to update DNS without trouble. But really you should have more than one DC and DNS server. I hope this helps!

    Mark

  9. #9
    Star Lounger
    Join Date
    Jan 2001
    Location
    Wilmington, NC
    Posts
    52

    Re: AD and DNS Server on same machine?

    Thanks for the link, Stuart, that is a very useful site!
