Domain controller question

Discussion in 'Windows Networking' started by sjack, Mar 29, 2006.

  1. sjack

    sjack Guest

    I have set up one 2003 Windows Server with AD on my network. I have 9
    locations that need to connect to the domain controller. I can ping
    the DNS Server from the other locations but I get a domain not
    available error if I try to reach the domain from one of the 9
    locations. Each location has its own class C IPs that are routed by
    adtran routers to reach my site. All locations reach the internet by
    coming to my site and being sent out one router to the internet.

    I have only this one domain controller running in my entire network.
    PCs on the side can access the domain but the other 9 locations can't
    and receive the domain not available error.

    I think it has something to do with either my DNS or permissions

    Help would be greatly received.
    sjack, Mar 29, 2006
  2. That is asking for disaster. You have a death wish and are trying to commit
    suicide aren't you?
    Every machine on the entire LAN/WAN (*every* machine, *all* locations) must
    use the one AD/DC and nothing else. If an ISP's DNS is ever used, then it
    must be entered in the Forwarders List within the Config of the AD/DNS
    Service and that machine must have the ability/permissions to make outbound
    DNS queries to the ISP's DNS machine. WINS would also be a good thing and
    could be set up on the same DC.

    The *correct* way to do all this is to have a DC at every physical location
    and use the Active Directory Sites object to control replication over the
    slower WAN links. You would follow the same pattern I mentioned above
    except the machines would use their own AD/DNS at their own location *first*
    with the other AD/DNSs listed as alternates. Every AD/DNS would have the
    same Forwarders Listing and the same outbound DNS permissions.
    Phillip Windell, Mar 29, 2006
  3. sjack

    sjack Guest

    I am planning to do that soon, but is there any way I can connect the other
    locations up to my DC in the meantime?
    sjack, Mar 29, 2006
  4. That is what I just explained in the first part of the post. The first part
    of the post deals with a LAN/WAN with one DC, ... the second part of the post
    talks about a LAN/WAN with a DC at each location.
    Phillip Windell, Mar 30, 2006
  5. sjack

    Simon Guest

    I would say that rather than DNS or permissions being the error, the routers
    are not configured correctly. Routers will drop any packets if they don't
    know how to get to the destination.

    You must have two domain controllers and two DNS servers in your domain,
    more if you can afford the hardware and software. If you've only got one
    server and it crashes, your domain is dead until it's been rebooted. If your
    single server crashes and burns, your entire domain is dead and buried, not
    one I'd like to explain to my boss.
    Simon, Apr 4, 2006
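
Added example, not part of any post in the thread: a PowerShell check, run on a PC at one of the remote locations, covering the two causes raised above (clients not using the AD DNS server, and routers not passing traffic to the DC). The domain name and DC address are placeholders, and the cmdlets assume a current Windows client rather than the 2003-era systems in the thread.

```powershell
# Added example; $Domain and $DcDns are placeholders, not values from the thread.
param(
    [string]$Domain = 'corp.example.com',  # placeholder AD DNS domain name
    [string]$DcDns  = '192.0.2.10'         # placeholder IP of the single DC/DNS server
)

# 1. Which DNS servers is this client actually configured to use?
$resolvers = @(Get-DnsClientServerAddress -AddressFamily IPv4 |
    ForEach-Object { $_.ServerAddresses } | Select-Object -Unique)
$foreign = @($resolvers | Where-Object { $_ -ne $DcDns })

# 2. Can the AD DNS server return the DC locator SRV record for the domain?
$srvName = "_ldap._tcp.dc._msdcs.$Domain"
$srv = @(Resolve-DnsName -Name $srvName -Type SRV -Server $DcDns -DnsOnly `
            -ErrorAction SilentlyContinue | Where-Object { $_.Type -eq 'SRV' })

# 3. Do the routers pass domain traffic to the DC? (TCP only; DNS and Kerberos
#    also use UDP, which Test-NetConnection does not exercise.)
$ports = [ordered]@{ DNS = 53; Kerberos = 88; LDAP = 389; SMB = 445 }
$blocked = @(foreach ($p in $ports.GetEnumerator()) {
    $ok = Test-NetConnection -ComputerName $DcDns -Port $p.Value `
              -InformationLevel Quiet -WarningAction SilentlyContinue
    if (-not $ok) { "$($p.Key)/$($p.Value)" }
})

# Rank the findings: a wrong resolver first, then a blocked path, then missing records.
if     ($foreign.Count)   { $cause = 'Client uses a non-AD DNS server' }
elseif ($blocked.Count)   { $cause = 'Path to DC blocked or not routed' }
elseif (-not $srv.Count)  { $cause = 'DC SRV records missing in DNS' }
else                      { $cause = 'DNS and reachability look correct' }

[pscustomobject]@{
    ConfiguredResolvers = $resolvers -join ', '
    NonAdResolvers      = $foreign -join ', '
    DcSrvTargets        = ($srv | ForEach-Object { $_.NameTarget }) -join ', '
    BlockedTcpPorts     = $blocked -join ', '
    LikelyCause         = $cause
} | Format-List
```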
