
Windows DNS Server / adding external DNS

spikespiegal

Golden Member
This is one of the Active Directory 101 questions that seems easy, but I've never found two people agreeing on the right way to do this.

Basically, if you have a simple Active Directory domain, what's the best way to deliver external (internet/ISP/DNS) server resolution to client machines?

- manually set external DNS servers in the IP config of client machines (seems rather primitive, but it works)

- add external DNS servers to the IP config of main Active Directory box. (if 'localhost' is a part of DNS server forwarding, it *should* work).

- Add the external server addresses to the 'forwarders' tab under the AD controller's object properties in DNS manager. (never seems to work real well in my experience)

- other?
 
I'd use forwarding. If you set the AD machine's DNS to be not-local, then local resolution should fail. Setting it to forward to an external NS server for unknown domains is the way to go.
 
Randal...I'd prefer the internal DNS server to use root hints rather than forward to another name server. Provides quicker resolution/more accuracy.
 
You mean not have Windows invoke its 'paper-rock-scissors' algorithm to determine if a host is internal or not? 😀

Could you post some examples on how you do this?
 
Yep, that is the right way to do it. 😉 I see now that there was option number 4, "other" ... I was going on what options he had.

BTW, nobody manually configures IPs or Nameservers on corporate machines anymore. DHCP + GPOs = ultra remote administration of everything. You can even set a GPO to override the nameservers learned through DHCP.
 
Originally posted by: spidey07
Randal...I'd prefer the internal DNS server to use root hints rather than forward to another name server. Provides quicker resolution/more accuracy.

I usually use Forwarders. But, admittedly, Root Hints has the BIG advantage of working even if your ISP's DNS servers fail (which happens a LOT more often than it should with Qwest or Cox).

BTW....Forwarders SHOULD work just fine. That's the default way that all SBS 2003 servers get their external DNS resolution, and I've never heard a single complaint when it's set up properly.

Regardless of how you do the forwarding, the easiest and most way to get DNS resolution for clients is to use DHCP and hand them the DNS and Default Gateway settings through DHCP.
 
Originally posted by: RebateMonger
Regardless of how you do the forwarding, the easiest and most way to get DNS resolution for clients is to use DHCP and hand them the DNS and Default Gateway settings through DHCP.

that wouldn't work if you're in an AD domain, correct?
 
Originally posted by: InlineFour
Originally posted by: RebateMonger
Regardless of how you do the forwarding, the easiest and most way to get DNS resolution for clients is to use DHCP and hand them the DNS and Default Gateway settings through DHCP.

that wouldn't work if you're in an AD domain, correct?

It works fine in an AD Domain. DHCP has "Options" available that it will deliver to a DHCP client PC. Common Options include the Default Gateway (Router), DNS Server, and WINS Server.
 
Originally posted by: InlineFour
Originally posted by: RebateMonger
Regardless of how you do the forwarding, the easiest and most way to get DNS resolution for clients is to use DHCP and hand them the DNS and Default Gateway settings through DHCP.

that wouldn't work if you're in an AD domain, correct?

actually, you really should always use DHCP. especially in AD.

nobody ever wants to go and change IP settings on 100s or 100s of thousands of computers. always use DHCP for everything - never, ever use static IP settings of any kind.
 
Originally posted by: spidey07
Originally posted by: InlineFour
Originally posted by: RebateMonger
Regardless of how you do the forwarding, the easiest and most way to get DNS resolution for clients is to use DHCP and hand them the DNS and Default Gateway settings through DHCP.

that wouldn't work if you're in an AD domain, correct?

actually, you really should always use DHCP. especially in AD.

nobody ever wants to go and change IP settings on 100s or 100s of thousands of computers. always use DHCP for everything - never, ever use static IP settings of any kind.

Except servers of course. But then again you can always use dhcp reservation.
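
The setup discussed in this thread (forwarders with root-hint fallback on the AD DNS server, DNS settings delivered to clients by DHCP), as an added example that is not part of any post above. It assumes Windows Server 2012 or later with the DnsServer and DhcpServer PowerShell modules, run on a domain controller that hosts both roles; every address and name in it is a constructed placeholder.

```powershell
# Run elevated on the domain controller that hosts DNS and DHCP.
# All addresses and names below are constructed placeholders; substitute your own.
$DcIp        = '10.0.0.10'                  # internal AD DNS server (placeholder)
$ScopeId     = '10.0.0.0'                   # DHCP scope serving the clients (placeholder)
$Gateway     = '10.0.0.1'                   # default gateway (placeholder)
$AdDomain    = 'corp.example'               # AD DNS domain (placeholder)
$IspResolver = '192.0.2.53', '192.0.2.54'   # ISP resolvers (documentation address range)

# 1. The DC's own NICs should list only internal DNS. An external resolver here
#    is what makes lookups of the AD zone fail, as noted in the thread.
$allowed = $DcIp, '127.0.0.1'
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses | Where-Object { $_ -notin $allowed } } |
    ForEach-Object {
        Write-Warning "$($_.InterfaceAlias) uses non-internal DNS: $($_.ServerAddresses -join ', ')"
    }

# 2. Forward names the server is not authoritative for to the ISP, and fall back
#    to root hints if the forwarders do not answer (the ISP-outage case).
Set-DnsServerForwarder -IPAddress $IspResolver -UseRootHint $true -Timeout 3 -PassThru

# Root hints only (no forwarders at all) would instead be:
# Remove-DnsServerForwarder -IPAddress (Get-DnsServerForwarder).IPAddress -Force

# 3. Hand clients the internal DNS server, gateway and domain suffix through
#    DHCP scope options (006 DNS Servers, 003 Router, 015 DNS Domain Name).
Set-DhcpServerv4OptionValue -ScopeId $ScopeId -DnsServer $DcIp -Router $Gateway -DnsDomain $AdDomain

# 4. Verify that the DC's DNS service answers for an AD record and an internet name.
foreach ($name in "_ldap._tcp.dc._msdcs.$AdDomain", 'www.example.com') {
    $type = if ($name -like '_ldap*') { 'SRV' } else { 'A' }
    $ok = [bool](Resolve-DnsName -Name $name -Type $type -Server $DcIp -DnsOnly -ErrorAction SilentlyContinue)
    '{0,-40} {1}' -f $name, $(if ($ok) { 'resolved' } else { 'FAILED' })
}
```

With this layout clients never query an external resolver directly, so all lookups pass through (and can be logged on) the internal DNS server.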
 