Needing some guidance on naming conventions for DNS Server/DC

JockVSJock Member Posts: 1,118
Greetings, I have got the following in a VMware bridged environment:

-2 Windows 2003 Servers, where one does DNS and DC (server 1) and the other is a DC (server 2)
-2 Win XP Clients

I have been able to join the XP clients to the domain (server 1) with no problem, and I was even able to have the 2nd DC (server 2) join the 1st DC.

However, I set up the 2nd DC so I could start to get some replication experience and I'm having issues. This may be the result of confusion on how to name the DNS server and then the DC, because I find myself getting confused between the two. I even got some odd errors when trying to force replication between the two as I was creating a user in one domain and trying to see if they would show up in the second domain.

For example, under DNS, the top level DNS shows as koajdc.
The domain controller (server1) is koajdc01d.org (I gave it the 01 as the first domain controller, and 'd' for development).

The second domain controller is: koajdc02d.org...So when on the 2nd computer: My Computer > Properties > Computer Name the full computer name shows as koajdc02d.koajdc01d.org...a bit confusing.

SO, in summary, what is the best way to set a naming convention when creating DCs and DNS?

thanks
***Freedom of Speech, Just Watch What You Say*** Example, Beware of CompTIA Certs (Deleted From Google Cached)

"Its easier to deceive the masses then to convince the masses that they have been deceived."
-unknown

Comments

  • dynamik Banned Posts: 12,312
    Most people name their internal domains something like corp.domain.com or domain.local. It's usually better to not have it be the same as their external domain.com.

    Personal preference as far as naming the actual machines go. I like to name them something descriptive, such as DC01, etc. Some people might like to name them something generic (or obscure) for security purposes, such as Server01. However, it's trivial to figure out what services are running on a given machine, so you really don't get any more security, and you just make things more difficult to manage on your end.
  • jojopramos Member Posts: 415
    The way that I understand your explanation is that...

    First, you said that koajdc shows on the DNS... Is koajdc.org your domain? Then you name the first DC as koajdc01d.org and koajdc02d.koajdc01d.org for the second... This is so wrong. The way that I see this is that your top level domain is koajdc01d.org and you have a child domain which is koajdc02d.koajdc01d.org... I am just basing this on your explanation.

    My advice: You may name your domain koaj.org or you may use koaj.local since this is an internal domain... (koajdc is what many admins use for a DC hostname) which will also be the DNS name. Name your first domain controller koajdc01d.koaj.org and the second DC koajdc02d.koaj.org. When promoting the domain controller, bear in mind that the domain is the same as your DNS name, especially when configuring the AD integrated zone.
  • rwwest7 Member Posts: 300
    If in DNS you have koajdc (if that's truly your domain name), then your computers should be named koajdc01d.koajdc and not koajdc01d.org.

    You don't absolutely need a .org or .local or .domain after your domain name.
  • rwwest7 Member Posts: 300
    JockVSJock wrote: »
    Greetings, I have got the following in a VMware bridged environment:

    -2 Windows 2003 Servers, where one does DNS and DC (server 1) and the other is a DC (server 2)
    -2 Win XP Clients

    I have been able to join the XP clients to the domain (server 1) with no problem, and I was even able to have the 2nd DC (server 2) join the 1st DC.

    However, I set up the 2nd DC so I could start to get some replication experience and I'm having issues. This may be the result of confusion on how to name the DNS server and then the DC, because I find myself getting confused between the two. I even got some odd errors when trying to force replication between the two as I was creating a user in one domain and trying to see if they would show up in the second domain.

    For example, under DNS, the top level DNS shows as koajdc.
    The domain controller (server1) is koajdc01d.org (I gave it the 01 as the first domain controller, and 'd' for development).

    The second domain controller is: koajdc02d.org...So when on the 2nd computer: My Computer > Properties > Computer Name the full computer name shows as koajdc02d.koajdc01d.org...a bit confusing.

    SO, in summary, what is the best way to set a naming convention when creating DCs and DNS?

    thanks

    This means your domain is named koajdc01d.org. If I were you I'd start from scratch.
  • JockVSJock Member Posts: 1,118
    My work gave me some TrainSignal DVDs and that is what they did in their DNS example.

    This is the 1st time I have ever set up DNS.
    rwwest7 wrote: »
    If in DNS you have koajdc (if that's truly your domain name), then your computers should be named koajdc01d.koajdc and not koajdc01d.org.

    You don't absolutely need a .org or .local or .domain after your domain name.
  • JockVSJock Member Posts: 1,118
    Starting from scratch, meaning can I rename my DNS server or do I have to blow it away and start over?

    I didn't see an option to rename in Windows DNS.
    rwwest7 wrote: »
    If I were you I'd start from scratch.
  • jojopramos Member Posts: 415
    I may suggest that you just start from a clean re-installation of Windows Server 2003 and establish a new domain by using dcpromo. Review your notes on establishing a domain. A DNS zone is the contiguous portion of the DNS domain name. This site might help you to understand more about domains and DNS (Planning and Implementing a DNS Namespace)

    By the way, just for your info, you can also rename a domain by using rendom.exe and rename a domain controller using netdom.exe.
  • Hyper-Me Banned Posts: 2,059
    rwwest7 wrote: »
    If in DNS you have koajdc (if that's truly your domain name), then your computers should be named koajdc01d.koajdc and not koajdc01d.org.

    You don't absolutely need a .org or .local or .domain after your domain name.

    Having a single-label name for the domain is bad joo joo.
  • jojopramos Member Posts: 415
    Hyper Me, are you referring to me or to rwwest7? (joo joo?) is that a new word lol
  • Hyper-Me Banned Posts: 2,059
    jojopramos wrote: »
    Hyper Me, are you referring to me or to rwwest7? (joo joo?) is that a new word lol

    rwwest. He said you don't need a .org or .local after the single label portion of the DNS domain name.

    While it doesn't have to be org or local, using solely a single label name is just a bad practice.
  • jojopramos Member Posts: 415
    I certainly agree
  • JockVSJock Member Posts: 1,118
    ***UPDATE***

    I blew away both domain controllers and rebuilt them and also had to put all of the clients back to the Workgroup and then to the new domain (can't imagine doing any of this without VMware). Also renamed all of the clients, to xp1, xp2 and xp3.

    Once building the new domain, calling it dc01, I then installed DNS and gave it the following domain name: koaj.org

    When I installed AD I also did the same thing for the domain name, so I haven't gotten any weird/funny errors at this time.

    BTW, this is what the instruction video did, and I followed the example and it seems to work ok.

    I was able to join the clients to the domain (dc01) with no issue.

    I then created a 2nd DC (dc02) and was able to have it join to the 1st dc with no issue and then installed AD.

    Once doing this I could go to both dcs and see both domain controllers and computers.

    HOWEVER, still having an issue of replication. Will post more on that later.

    thanks
  • JockVSJock Member Posts: 1,118
    jojopramos wrote: »
    This site might help you to understand more on domain and DNS (Planning and Implementing a DNS Namespace)

    This URL has really good info, will have to print this out in order to absorb it.

    thanks
  • Hyper-Me Banned Posts: 2,059
    Why are you installing DNS first?

    Did you try running DCDIAG?
  • jojopramos Member Posts: 415
    When promoting a domain controller/establishing a domain, you can either set up your DNS first (Primary Zone) or install DNS when you run the Active Directory Domain Services Installation Wizard (AD integrated Zone), but Microsoft always recommends that you install DNS when you run the Active Directory Domain Services Installation Wizard. If you do this, the wizard creates the DNS zone delegation automatically. Whether or not the DNS Server service is AD DS-integrated, you must install it on the first domain controller in the AD DS forest root domain that you deploy.
  • jojopramos Member Posts: 415
    After the promotion, always install the Windows Support Tools and Resource Kit. Run DCDiag to check/verify the configuration/health of the DC.
  • hcm2009 Member Posts: 1
    rwwest7 wrote: »
    If in DNS you have koajdc (if that's truly your domain name), then your computers should be named koajdc01d.koajdc and not koajdc01d.org.

    You don't absolutely need a .org or .local or .domain after your domain name.

    Hi all!
    I've just visited this forum. Happy to get acquainted with you. Thanks.
  • royal Member Posts: 3,352
    Ok, it's like this:

    First DC in a domain/forest, let DCPROMO install DNS.
    Any DC after that, I always just point its DNS (will have to) to an existing DC and then DCPRomo it. I then install DNS, let AD replication bring over the DNS zones. Now your new DC is a Nameserver (gets created automatically).

    New trees/child domains, do the same thing. But before you DCPromo, add a delegation so the new server will have delegated rights to the new namespace. That way, DCPROMO will recognize it's authoritative and install DNS. Before reboot after DCPromo completes, you can remove the delegation and add a forwarder/stub if you like.

    That's what I always do.
    “For success, attitude is equally as important as ability.” - Harry F. Banks
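
Added example (not part of the thread and not any poster's code): the naming points raised in the replies, written as a small Python check. It shows that a full computer name is the host label plus the AD DNS domain, and flags single-label domains, domain-style host names and an internal domain equal to the external one; the function names and the 15-character NetBIOS length check are this example's own additions.

```python
import re

# Added example, not from the thread. Function names are this example's own.
# One DNS label: letters, digits, hyphen; 1-63 chars; no leading/trailing hyphen.
LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")
NETBIOS_MAX = 15  # longer computer names get truncated for NetBIOS

def split_full_name(full_name):
    """Split a full computer name into (host label, AD DNS domain)."""
    host, _, domain = full_name.rstrip(".").lower().partition(".")
    return host, domain

def check_plan(ad_domain, hosts, external_domain=None):
    """Return ({host: full computer name}, [findings]) for a planned domain."""
    domain = ad_domain.rstrip(".").lower()
    labels = domain.split(".")
    findings, fqdns = [], {}
    if not all(LABEL.match(label) for label in labels):
        findings.append(f"domain {domain!r} has an invalid DNS label")
    if len(labels) == 1:
        findings.append(f"domain {domain!r} is single-label")
    if external_domain and domain == external_domain.rstrip(".").lower():
        findings.append(f"internal domain {domain!r} equals the external domain")
    for host in (h.lower() for h in hosts):
        if "." in host:  # e.g. a domain name typed where a computer name belongs
            findings.append(f"{host!r} is a domain-style name, not a host label")
            continue
        if not LABEL.match(host):
            findings.append(f"host {host!r} is not a valid DNS label")
        if len(host) > NETBIOS_MAX:
            findings.append(f"host {host!r} exceeds {NETBIOS_MAX} characters")
        fqdns[host] = f"{host}.{domain}"
    return fqdns, findings

if __name__ == "__main__":
    # Names are taken from the thread; the plans themselves are constructed.
    print(split_full_name("koajdc02d.koajdc01d.org"))
    for plan in [("koajdc", ["koajdc01d"]),
                 ("koajdc01d.org", ["koajdc01d.org", "koajdc02d"]),
                 ("koaj.org", ["dc01", "dc02"])]:
        print(plan, "->", check_plan(*plan))
```

Running the plan before dcpromo makes the resulting full computer names visible up front, which is where the original lab setup went wrong.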