DNS confusion for single dc server vs multiple servers

[administrator]

Sigh, ok, wading through the DNS discussions, here is what
I have...
One AD domain controller (there are no other servers). We
have ADSL internet. Everything is a static ip (private on
internal LAN side), and clients are WIN2K WIN98 mixture.
I don't need/care/want to have unnecessary DNS resolution
offered by the server for Internet users usage. The users
use the router/DNS resolution for Internet, and that's the
way I want it. Yet all the newsgroups/Microsoft seem to
tout/cram this DNS on DC more for multi server(s)
environment, and not for a small single-server
environment. Here is my ipconfig /all, and I am still
battling the 5774 errors, one Microsfot KB says have the
DNS point to itself, and another says NOT to, that's
confusing. Suggestions, please, for a single server
network.

Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

E:\WINNT>ipconfig /all

Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : lc2000
Primary DNS Suffix . . . . . . . : best-
mortgage.net
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : best-
mortgage.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R)
PRO/1000 XT Server Adapter
Physical Address. . . . . . . . . : 00-02-B3-D7-85-
7A
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.7
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.7
151.164.8.201
151.164.1.8
Primary WINS Server . . . . . . . : 151.164.8.201

E:\WINNT>

Cordially,
RO

 

[Kevin D. Goodknecht [MVP]]

In (e-mail address removed) <[email protected]> posted
a question
Then Kevin replied below:

Sigh, ok, wading through the DNS discussions, here is what
I have...
One AD domain controller (there are no other servers). We
have ADSL internet. Everything is a static ip (private on
internal LAN side), and clients are WIN2K WIN98 mixture.
I don't need/care/want to have unnecessary DNS resolution
offered by the server for Internet users usage. The users
use the router/DNS resolution for Internet, and that's the
way I want it. Yet all the newsgroups/Microsoft seem to
tout/cram this DNS on DC more for multi server(s)
environment, and not for a small single-server
environment. Here is my ipconfig /all, and I am still
battling the 5774 errors, one Microsfot KB says have the
DNS point to itself, and another says NOT to, that's
confusing. Suggestions, please, for a single server
network.

Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

E:\WINNT>ipconfig /all

Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : lc2000
Primary DNS Suffix . . . . . . . : best-
mortgage.net
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : best-
mortgage.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R)
PRO/1000 XT Server Adapter
Physical Address. . . . . . . . . : 00-02-B3-D7-85-
7A
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.7
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.7
151.164.8.201
151.164.1.8
Primary WINS Server . . . . . . . : 151.164.8.201

E:\WINNT>

Cordially,
RO

It does not matter how many servers you have if you're running an AD domain
you need DNS and all machines *MUST* use it only.
You need to remove your ISP's DNS that will rid you of the 5774s.

If your local DNS is not resolving internet names it probably has a "."
forward lookup zone, delete that zone. Then you can use your ISP's DNS as
forwarders o0n the forwarders tab.
300202 - HOW TO: Configure DNS for Internet Access in Windows 2000
http://support.microsoft.com/?id=300202&FR=1

Why do you have your ISP's DNS listed as your WINS server? You need to
remove that, too.

 

[Jonathan de Boyne Pollard]

a> I don't need/care/want to have unnecessary DNS resolution
a> offered by the server for Internet users usage. The users
a> use the router/DNS resolution for Internet, and that's the
a> way I want it.

Then you want to shoot yourself in the foot, and your problems
are self-inflicted.

<URL:http://homepages.tesco.net./~J.deBo...nt-all-proxies-must-provide-same-service.html>

 

[Kevin D. Goodknecht [MVP]]

In

a> I don't need/care/want to have unnecessary DNS resolution
a> offered by the server for Internet users usage. The users
a> use the router/DNS resolution for Internet, and that's the
a> way I want it.

Then you want to shoot yourself in the foot, and your problems
are self-inflicted.

I agree!

 

[Ace Fekay [MVP]]

In (e-mail address removed) <[email protected]> posted
their thoughts, then I offered mine

I don't need/care/want to have unnecessary DNS resolution
offered by the server for Internet users usage. The users
use the router/DNS resolution for Internet, and that's the
way I want it. Yet all the newsgroups/Microsoft seem to
tout/cram this DNS on DC more for multi server(s)
environment, and not for a small single-server
environment. Here is my ipconfig /all, and I am still
battling the 5774 errors, one Microsfot KB says have the
DNS point to itself, and another says NOT to, that's
confusing. Suggestions, please, for a single server
network.

<snip>

It's really not confusing. Just use your internal DNS on ALL your internal
machines ONLY. No mincing words there. COnfigure a forwarder. Kevin pretty
much has the instructions for you. If you want to read up more on it, see
this:
http://support.microsoft.com/?id=291382

Unfortunately, as everyone else suggested and what you've read in the forum,
you will be constantly battling with these errors unless you remove the
router's (or the ISP's DNS if there) as a DNS address in your machines' IP
properties. follow Kevin's suggestions, otherwise if you do what you WANT,
then, you'll be in a consistent battle and it will NEVER work correctly.


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory