Herb,
Thanks for your help with this (and for the reminder about
being a math teacher). I seem to be getting in a bit over
my head. For now I'm going to set up the lab without
Active Directory. I'll also set up an experimental network
with a few computers so I can make sure I understand how
things work before I implement them!
Ken
>-----Original Message-----
>> Thanks for your help. Forgive my ignorance on this as I am
>> just a Jr. High math teacher.
>
>No problem -- [I hope however that you are far more than
>"just" a "Jr. High Math" teacher. This is probably the most
>important level for teaching mathematics to the next generation,
>as it is frequently at this level that students make the decision
>whether "I am good at math" or "I am bad at math." This
>decision usually lasts the rest of their lives and is the primary
>influence on actual mathematical ability. ]
>
>> If I create a new Win2000
>> domain, would that prevent the clients from getting out to
>> the Internet?
>
>No, not at all (and note that in most cases you would want
>to "upgrade", not "create", a domain.)
>
>For legacy clients (Win9x, WinNT) you can largely ignore
>the upgrade differences; the database just moves to another
>format and has more capabilities that older clients may even
>ignore.
>
>You can add the "DSClient" (aka "Active Directory Client
>Upgrade") to the older clients but even that is misnamed
>and doesn't put them "under the control" of AD's Group
>Policy Objects (GPO) but merely makes the clients site
>and multimaster aware.
>
>You will have to implement DNS internally and this DOES
>sometimes cause people to lose client Internet connectivity
>due to only making some of the needed changes.
>
>Clients switch their DNS server "setting" to the new internal
>DNS but the admin neglects to forward non-local name
>resolution to the Internet -- this is perceived as a client failure
>but is really a MISCONFIGURATION of the "new" DNS
>server.
>
>Solution: Internal DNS Server should generally (almost always
>if you have no specific reason to do otherwise) "Forward" to
>another DNS server which can lookup Internet names.
>
>Two standard methods:
>1) Internal DNS server forwards to the DNS server or relay on
>the inside of the WAN (ICS, NAT, Proxy, Firewall etc)
>
>2) Internal DNS server forwards to the ISP (or in a distributed
>school district perhaps to the "next higher authority", e.g., the
>school district relays to the Internet.)
>
>We would have to know your precise current DNS architecture
>to help you understand the choice and pick a "best" solution
>for your situation but we can say this...
>
>Clients use the Internal DNS server which then either performs
>the actual recursive lookup from the root down of the Internet
>OR the Internal DNS server "forwards" to another DNS server
>which services the request, known as the "forwarder."
>
>Ultimately, one of the DNS servers must perform the actual
>recursion from the root down through the Internet namespace.
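An added example, not part of the e-mail thread above: a small Python check for the misconfiguration described in the quoted reply, where the internal DNS server answers its own zone but does not forward or recurse for Internet names. The function names are illustrative assumptions, as are any server address and host names passed to `ask`; the sample reply headers are constructed, not captured traffic.

```python
import socket
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qid=0x1234):
    """Encode an A-record query with the RD (recursion desired) bit set."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    parts = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)

def parse_header(reply):
    """Return (rcode, recursion_available, answer_count) from a raw reply."""
    _, flags, _, ancount, _, _ = struct.unpack("!HHHHHH", reply[:12])
    return flags & 0x000F, bool(flags & 0x0080), ancount

def ask(server, name, timeout=3.0):
    """Send one UDP query to the server; None means no reply in time."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name), (server, 53))
            return parse_header(s.recvfrom(512)[0])
        except OSError:  # covers timeouts and unreachable-host errors
            return None

def diagnose(local, external):
    """Classify the server from its results for a local and an Internet name."""
    def ok(r):
        return r is not None and r[0] == 0 and r[2] > 0
    if ok(local) and ok(external):
        return "healthy: local and Internet names both resolve"
    if ok(local):
        if external is None:
            why = "timed out"
        elif not external[1]:
            why = "was answered with recursion unavailable"
        else:
            why = "returned " + RCODES.get(external[0], "rcode %d" % external[0])
        return "forwarding problem: Internet lookup " + why
    if local is None and external is None:
        return "server unreachable: no reply to either query"
    return "local zone problem: the server's own names do not resolve"

if __name__ == "__main__":
    # Constructed reply headers (not captured traffic): local OK, Internet SERVFAIL.
    local = parse_header(struct.pack("!HHHHHH", 0x1234, 0x8580, 1, 1, 0, 0))
    external = parse_header(struct.pack("!HHHHHH", 0x1234, 0x8182, 1, 0, 0, 0))
    print(diagnose(local, external))
```

Against a live lab server, call `diagnose(ask(server, local_name), ask(server, internet_name))` from a client that uses the internal DNS server, supplying the server's address, one name from its own zone and one Internet name.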