[windows2000] Re: Just how does DNS work on W2k3

  • From: "Braebaum, Neil" <Neil.Braebaum@xxxxxxxxxxxxxxxxx>
  • To: <windows2000@xxxxxxxxxxxxx>
  • Date: Fri, 31 Oct 2003 14:56:21 -0000

Comments inline...

> -----Original Message-----
> From: Braebaum, Neil 
> Sent: 31 October 2003 14:50
> To: Braebaum, Neil
> Subject: Just how does DNS work on W2k3 
> 
> Well, we broke out and installed a new W2k3 domain.  Set up 
> our DNS server and all appears to be going well.  We have 
> some clients that are student lab machines that we use 
> TweakUI to automatically login using a domain account. It 
> appears that TweakUI is moving too fast to always catch the 
> login script.  
>  
> The student system is on the 172.16.12 network.  The DC sits 
> on the network and has 3 NICs - one for each of the three 
> subnets that it's assigned to (172.16.12, 172.16.20 and a 
> public IP - 198.85.X.X).  This worked quite well for us in 
> our NT4.0 environment and worked fine for our test environment.

Presumably, by this you mean these are three distinct subnets, using a
class C? (i.e. 255.255.255.0 subnet mask)

Does the DC do any routing? What does its routing table look like?

Are all these subnets included in sites and services?

> So, when a student machine logs in automatically using 
> TweakUI it doesn't get the login script.  However, when we 
> force a login w/o using TweakUI, the login script processes 
> fine.  We put a sniffer on the network and found the
> following:
>  
> When the student asks for permissions to login it sends a 
> message asking for a DC.  I was told that it returned the 
> three addresses of the DNS server (which in this case is also 
> the DNS server)  So, it traverses our network finding the 
> subnet that responded first.  In one case (.20) the client 
> side(on the .12 network) will never see that side (the .20) 
> of the network. If 198 responded, the client's traffic 
> traverses through the network out past the router to come 
> inbound and get on the 198 side of the network. Thus, the 
> client not waiting for the traffic to return - so it appears 
> to time out and use the cached credentials.
> 
> So, I guess my question is... how is this process supposed to 
> work?  When a client wants to login to a DC that it is a 
> member of, what actually happens? Client is XP Pro SP1 - 
> Server is W2k3 Server all patches.

Are you asking for the algorithm used for a machine (windows 2000
onwards) to obtain site information, and thus the appropriate DC?

> To me, it appears we have something incorrectly set up on the 
> DC/DNS.  In NT4.0, when a client on the .12 network requested 
> something from the DC, it responded on the .12 network.  
> Almost as if it was intelligent enough to determine the 
> subnet the request came in on....
>  
> Any ideas?

Do all three interfaces register in DNS?

If you use nslookup (in interactive mode), do a set type=srv, and
request _ldap._tcp.<DNS name of your domain> what do you get - and is it
what you expect?

Neil
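
Added example (not part of the original post or thread): a small Python check that parses saved nslookup output for the _ldap._tcp SRV query suggested above and lists which of the DC's registered addresses fall outside a client's subnet. The host names, the addresses, the /24 mask and the 198.51.100.10 stand-in for the public address are all constructed assumptions.

```python
import ipaddress
import re

# Constructed sample of Windows nslookup output for "set type=srv" followed by
# _ldap._tcp.<domain>. Host names and addresses are made up; 198.51.100.10
# stands in for the public address the post gives only as 198.85.X.X.
SAMPLE = """\
_ldap._tcp.lab.example  SRV service location:
          priority       = 0
          weight         = 100
          port           = 389
          svr hostname   = dc1.lab.example
dc1.lab.example internet address = 172.16.12.5
dc1.lab.example internet address = 172.16.20.5
dc1.lab.example internet address = 198.51.100.10
"""

SRV_RE = re.compile(r"svr hostname\s*=\s*(\S+)", re.I)
A_RE = re.compile(r"^(\S+)\s+internet address\s*=\s*(\S+)", re.I | re.M)


def parse_srv_answer(text):
    """Return {dc_hostname: [ip, ...]} for every SRV target in the output."""
    targets = {m.group(1).rstrip(".").lower() for m in SRV_RE.finditer(text)}
    hosts = {t: [] for t in targets}
    for name, addr in A_RE.findall(text):
        name = name.rstrip(".").lower()
        if name in hosts:
            hosts[name].append(ipaddress.ip_address(addr))
    return hosts


def classify(hosts, client_if):
    """Split each DC's registered addresses into on-subnet and off-subnet."""
    net = ipaddress.ip_interface(client_if).network
    report = {}
    for name, addrs in hosts.items():
        local = [str(a) for a in addrs if a in net]
        remote = [str(a) for a in addrs if a not in net]
        report[name] = {"on_subnet": local, "off_subnet": remote}
    return report


if __name__ == "__main__":
    # Client on the 172.16.12 network; the /24 mask is an assumption.
    for dc, r in classify(parse_srv_answer(SAMPLE), "172.16.12.50/24").items():
        print(dc, "on-subnet:", r["on_subnet"], "off-subnet:", r["off_subnet"])
```

Any address reported as off-subnet is one a client on that subnet can only reach through a router, if at all.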

