Active Directory and DNS

[RayWilson]

Hello,

The company I work for has quite a few Windows 2003 Enterprise servers but they are all stand-alone servers and are in the default workgroup. The company uses Novell eDirectory as it's primary directory platform but I am investigating the possibility of setting up two Active Directory servers (one as a replicant) so I can tie all these Windows servers together under one domain to ease administration.

I am having a bit trouble comprehending the implications of DNS as Active Directory needs it to function. Some of the Windows 2003 Enterprise servers already run DNS and maintain the forward lookup zone for the company (triggis.com) which contains all of the systems and a reverse lookup zone (10.0.0.0) which contains all the IP addresses.

If I set up Active Directory do I need to supply it with the 'triggis.com' name, copy all the records from the primary DNS server and use the domain controller as the new primary DNS server? If I were to supply Active Directory with and unused DNS namespace (e.g. 'triggis.local') would it still work properly? Would I need to poulate this namespace?

 

[wcburton]

You can use any DNS server you like. It does not have to be AD integrated or running on your DC. You will need to add certain entries to the DNS that point to the AD services. I believe that when you do the dcpromo and it sees that you already have DNS, it will give you the entries you need to make.

There is generally advice given against naming your internal domain with the same root as an external web presence but that is mainly to avoid dealing with split DNS issues. If you are already addressing these servers as .com then you should have no reason to change.

 

[58sniper]

but that is mainly to avoid dealing with split DNS issues.

as well as a bunch of security issues. Even with an internal name that's not publicly available, split-brain DNS is gaining in popularity.

Pat Richard MVP