Split-brain DNS server cannot log into AD domain

[Eric]

I have my DNS servers (Windows 2000) in a split-brain configuration, and
theDNS servers that service the internet cannot log into the Active
Directory domain they are a member of. These DNS servers host the public
zone for "intelemedia.net" which also happens to be the name of the Active
Directory domain (Windows 2000). Since the external DNS servers are set to
query themselves for DNS resolution, how are they supposed to find the
Active Directory integrated DNS servers for intelemedia.net to know which
servers will service their logon request?

Any help would be greatly appreciated.

Thank you!
-Eric

 

[Kevin D. Goodknecht Sr. [MVP]]

I have my DNS servers (Windows 2000) in a split-brain configuration,
and theDNS servers that service the internet cannot log into the
Active Directory domain they are a member of. These DNS servers host
the public zone for "intelemedia.net" which also happens to be the
name of the Active Directory domain (Windows 2000). Since the
external DNS servers are set to query themselves for DNS resolution,
how are they supposed to find the Active Directory integrated DNS
servers for intelemedia.net to know which servers will service their
logon request?

Set the external DNS servers, if they are members of the AD Domain, to point
to the AD DNS servers, only. No AD Domain members should use the external
DNS servers in TCP/IP properties.

 

[Ace Fekay [MVP]]

In

Set the external DNS servers, if they are members of the AD Domain,
to point to the AD DNS servers, only. No AD Domain members should use
the external DNS servers in TCP/IP properties.

Just to add, just because the DNS servers host external zone data, doesn;'t
mean they must point to themselves for DNS. They can still point to, and
actually MUST point to the internal DNS to resolve domain data. A forwarder
from the internal servers to this server or the ISP's DNS will handle
Internet resolution efficiently.


--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services
Infinite Diversities in Infinite Combinations.
=================================

 

[Eric]

That fixed it. Thank you for correcting my misunderstanding of DNS with AD.

-Eric

"Ace Fekay [MVP]"

 

[Ace Fekay [MVP]]

In

That fixed it. Thank you for correcting my misunderstanding of DNS
with AD.
-Eric

Good to hear!

Ace