Big Network - Big Cheese Demand

[WANNABEU]

New child domain at a university (i.e. nstc.iah.edu)with two new W2K servers at two sites on one domain. The University "Powers That Be" have sent down the word that they want NO other DNS servers on the network other than the main campus DNS server, which they manage. That campus server is not AD integrated and does not accept dynamic updates (and currently has no plans to). There is one other DNS server up and running that is located in our building (somehow THEY got permission...hmph!) on a different child domain (arc.iah.edu) but it is currently running on a Linux box. When I try to point the new W2K server there for DNS, I get a "Server GUID DNS Name could not be resolved to an IP address". Sooo...

What are my choices to get this new server to run without installing DNS on it? (sorry if I rambled).

Can you nudge me in the right direction?

Thanks!
Constance

 

[Morsing]

I don't understand why you want to point to the other DNS??

Cheers Henrik Morsing
Certified AIX 4.3 Systems Administration
& p690 Technical Support

 

[WANNABEU]

Because the heads of the University IT department won't allow DNS to run on our server at all. They want us to use only their DNS server located on campus (we are in a building off campus) or a DNS server in a different child domain here in our building.

Does that make any sense or should I explain further?

 

[dmandell]

If you are running in native mode you could put your DNS in Active directory. Technically, this would not be another DNS server, but just another windows domain controller with AD services running, (non-Windows clients would not be able to access this server for name resolution of course)

Maybe you could get away with it and plead innocence if eyebrows get raised?

"It's not REALLY a DNS server, it's an Active Directory server."

Dana

 

[WANNABEU]

Thanks Dana! Good suggestion

Dumb question but you mean go ahead and install the DNS service on that server and have what information in it? Just local info?

C.

 

[dmandell]

Exactly. That server would be authorative for only your local domain, or subdomain, (the child domain) and forward all other request to the main DNS servers. Then all of your local Windows clients can properly register themselves in dynamic DNS and AD will work correctly.

Without it you will be pretty well "hosed" if you are trying to use Win2k AD domains.

 

[WANNABEU]

Thanks much, Dana! I'll get my "Huh...what DNS Server????" face ready to go!

Connie

 

[dmandell]

Ha-ha-ha
No one but your local child domain users will see any difference in the network. I suppose if you have admins "sniffing" DNS queries on your local segment, one might see something, but I'm not even sure of that, since you will actually be storing DNS in AD.

Good luck!
(BTW, I am not advocating anarchyat your university!
Dana

 

[Whoheard]

Sounds that way to me... But, I would do it too. Good luck.