Confuguring DNS infrastructure of multisite multidomain network

[Bancal]

Hello,

First, I'd like to describe DNS infrastructure of my Windows 2003
network. I've got root domaun named "company.net" and three child
domains: "city1.company.net", "city2.company.net" and "city3.company
net". Two DCs of root domain are located in the company headquarteers.
Two DCs of "city1.company.net" are also located in headquarteers and
other DCs of this domain are distributed accross 15 sites connected via
WAN links. As for two other domains, "city2.company.net" and
"city2.company.net", their DCs are located in other cities and
connected with headquarteers via WAN links. Every DC has DNS service
running and DC's DNS server is authoritative for the zone of domain DC
belongs to.
I can sucessfully ping every server or worksstation in my network using
its FQDN but sometimes I can't see network shares. The error "The
network path is not found" is displayed then trying to see shares
although I can ping this PC.

What should I do in this situation?

Thanks in advance?

 

[Jimmy Andersson [MVP]]

Are you talking about browsing to the share? If so, do you use WINS?

Regards,
/Jimmy

 

[Bancal]

No, we don't use WINS.

The fact there are some DCs (which are also DNS servers) that had been
deployed before I was hired. These DCs are configured with primary and
secondary DNS servers what are hub DCs. I think it's wrong since DC
running DNS server shold use itself for resolving hostnames i.e. use
itself as primary DNS and root domain DNS as it's secondary DNS server.
I also found out that I shold disable the registration of some DC RRs
for brunch office DCs in order to public only site-specific RRs. It's
configured using DC's registry value
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters

Registry value: DnsAvoidRegisterRecords
Data type: REG_MULTI_SZ

Is it worth doing this configuration?

 

[Jimmy Andersson [MVP]]

Ok, for some reason I can't see the whole thread. But the original question
was (IIRC) that you couldn't see all PCs while browsing the network. When
you browse the network you see the other computers because the list uses
NetBios, which essentially is broadcast, if you need to see other sites PCs,
you need to configure WINS and then replicate the WINS DB between the WINS
servers.

BUT, if you're original question is about configuring DNS, I would suggest
that you look at www.microsoft.com/ad and do a search for DNS. There is
loads of articles/papers about it. Depending on the complexity of your
network, there might be a need to configure Mnemonics to control the
publishing of site and domain level records.

Regards,
/Jimmy