Reconfigure Network? - WIN2000 DNS

[Stormin_Norm]

I believe the current network I inherited is configured incorrectly. I have two XP pc's taking FOREVER to logon. I think it is a DNS issue. I need help to reconfigure this.

The corporate website is hosted by earthlink. Lets call it www.corpxyz.com

The internal corporate Win2000 server is server.corpxyz.com (192.168.1.2) with 1 network card.

There is a vpn connection/port open for vpn.corpxyz.com which forwards to server.corpxyz.com

Every PC on the LAN has DNS resolution statically defined as an earthlink DNS (e.g. 207.217.126.81 & 82)

The reason every pc is configured this way is to allow the users to view the corporate website www.corpxyz.com. IF a pc is set up as dynamic DNS resolution, then the user can NOT view the corporate website.

If the pc's are reset to dynamic- what do I need to change on the server to allow them to see the corporate website? Is it a forward lookup? And what do I have to setup/check to ensure the server's dns looks up the correct IP for the corporate website on a daily basis?

What should the TCP/IP DNS settings be for the LAN card on the server? Dynamic (looks at itself?) or keep it the Static earthlink DNS entry (207.217.126.81)??

Also--- If we move to Win2003 server, would you migrate the existing AD? Or would you recreate the LAN as corpxyz.local

Thanks networking pros!!

[RogueSpear]

You didn't mention how many clients you're supporting, but from what I read I will assume you have a single domain controller that is handling all of your server chores. If this is not the case, you can adjust accordingly.

You should have your domain controller acting as both a DNS and DHCP server. DHCP should assign the DNS server assignment as being the IP of your domain controller. The forward lookup zone should be configured as an Active Directory integrated type. And the DNS server assignment on your domain controller for the internet facing NIC (even it's the only one) should have the IP addresses of your ISP's DNS servers (Earthlink?).

In a nutshell, all of your clients should be making their DNS requests to YOUR server, which will then query Earthlink's DNS servers. It's pretty important, I mean seriously important, to have DNS functioning properly in an Active Directory environment for thing to work properly.

Now there's no way I could really tell you everything you need to know about DNS and Active Directory in a post, especially since I don't know too much at all about your network. The other thing is that I am FAR from being an expert at this stuff. Yes, I've implemented a few networks, but they're small and cut n' dry type networks. No JC Penny or Ford Motor Company type of enterprise network experience here. What I definately can suggest is that you run out to a book store and pick Mark Minasi's Mastering Windows 2000 Server (or the newer Mastering Windows 2003 Server) published by Sybex. I simply cannot recommend this author enough. Not only is extremely proficient in most things Microsoft, but he has a true talent for communicating what it is that you want and need to know very effectively.

If you have a little time on your side, you can find it online at a pretty good discount as compared to a brick and mortar. But trust me on this, just bite the bullet and devote an entire weekend to reading this book. You'll be glad you did.

Edited February 3, 2006 by RogueSpear

[Stormin_Norm]

I appreciate your fast response! Thanks for the quick overview and book tip. I will head to the store today.

Yes it is a one server network. Yes we are now running DHCP. Before, half the pc's were hard coded and half were not.

I believe the problem is that Earthlink's DNS servers are not being utilized in our DNS. Would I only add them as a forward lookup or is there somewhere else I need them defined?

How many should I use?? I would assume it is best to use the TWO from the ISP (earthlink) and perhaps one from another service. Can I assume the order of the dns forwards will be how they resolve a host? In other words, I would enter the earthlink DNS server name and number, then perhaps a fallback server name and numer.

[RogueSpear]

I went back to one of my setups and was surprised to find the forest root server points at itself and another domain controller as DNS servers. I'll have to look into it some more for a better explanation. Especially since everything is working and has been working for so long now, I've never had the need to tinker with it.

[rendrag]

usually 2 DNS servers are enough... however you won't be worse off pointing to 3 of them.

They query in the order listed, so DNS 1 will be asked to resolve first. If that's not available, it asks 2, etc.