Guest Brad Posted September 17, 2007 Posted September 17, 2007 Recently our corporate office created a VPN tunnel between our PDC and one of their servers. Our server is running Server 2003, DHCP and DNS. Everything was working fine (user permissions, users seeing printers etc..) until corporate made this change. I ran netdiag and while I don’t have the exact error message, my DNS server 192.168.7.2 reports back fine, but then it says there is a fatal error connecting to corporate’s server, 192.168.1.7. Would having this DNS error cause user problems inside my network? I did add a new user a couple of days after this change and while his permissions are set correctly, he is unable to access any of the share drives or browse my server through My Network Places. If this is causing my problems, I will have corporate resolve this. Thanks,
Guest Anthony Posted September 17, 2007 Posted September 17, 2007 Re: Does DNS Replication issues cause user issues? Brad, You will need to be more specific and what you have set up and what errors are occuring to get anything useful, What do you mean by a VPN between a DC and a remote server? How is the VPN created? What is the connection to the remote server for? What has that to do with DNS replication? What errors are your users experiencing, or is it just one user? etc Anthony http://www.airdesk.co.uk "Brad" <Brad@discussions.microsoft.com> wrote in message news:6A7D32F7-DE18-412F-A607-DD1EB65E1EAD@microsoft.com... > Recently our corporate office created a VPN tunnel between our PDC and one > of > their servers. Our server is running Server 2003, DHCP and DNS. Everything > was working fine (user permissions, users seeing printers etc..) until > corporate made this change. I ran netdiag and while I don't have the exact > error message, my DNS server 192.168.7.2 reports back fine, but then it > says > there is a fatal error connecting to corporate's server, 192.168.1.7. > > Would having this DNS error cause user problems inside my network? I did > add > a new user a couple of days after this change and while his permissions > are > set correctly, he is unable to access any of the share drives or browse my > server through My Network Places. > > If this is causing my problems, I will have corporate resolve this. > > Thanks, >
Guest Brad Posted September 17, 2007 Posted September 17, 2007 Re: Does DNS Replication issues cause user issues? Hi Anthony, I'm not really looking for resolution to the problem, but just in general will DNS problems cause users to experience problems? Here is the situation: Our office is located in Cincinnati, OH and the corporate office is located in Kansas City. Prior to Sept 4th, our network was completely isolated from corporate (this is a franchise business) and we operated as our own entity (network wise). Then Sept 4th, we became the "Beta" site for a Microsoft CRM Package that is being hosted by our corporate office. So, they sent us a Watchguard VPN Router that created a VPN tunnel between our network and their network. Corporate then created a domain trust between our only Server and one of their servers. My server's IP address is 192.168.7.2 and points to itself for DNS, but Corporate added their server, 192.168.1.7 as the secondary DNS entry onto my server. Nothing in the Event Logs show their is problems with the DNS, however when I run: netdiag it comes up with an error that my DNS could not communicate with their DNS server and came back with a [Fatal Error]. I also ran: dnslint /ad 192.168.7.2 /s 192.168.1.7 and it would come back with an error of something like "no authorative domain" or something like that. I'm not at the office right now and I don't have the exact messages. My new user is a sales rep and he's been added to the sales group. I have a script that automatically maps both a Sales Drive and Office Drive. When these 2 drives are mapped, he can access them just fine. He can see the share drives by going to Windows Explorer and going to \\Cinci\. However when he clicks on the Sales Drive or Office Drive (from the share) he is not able to access them. It comes up with an error of "doesn't have permission or cannot communicate with server" or something like that. So I'm just wondering in general if there are DNS problems, will this cause problems for users. Thanks. "Anthony" wrote: > Brad, > You will need to be more specific and what you have set up and what errors > are occuring to get anything useful, > What do you mean by a VPN between a DC and a remote server? How is the VPN > created? > What is the connection to the remote server for? What has that to do with > DNS replication? What errors are your users experiencing, or is it just one > user? etc > Anthony > http://www.airdesk.co.uk > > > > > "Brad" <Brad@discussions.microsoft.com> wrote in message > news:6A7D32F7-DE18-412F-A607-DD1EB65E1EAD@microsoft.com... > > Recently our corporate office created a VPN tunnel between our PDC and one > > of > > their servers. Our server is running Server 2003, DHCP and DNS. Everything > > was working fine (user permissions, users seeing printers etc..) until > > corporate made this change. I ran netdiag and while I don't have the exact > > error message, my DNS server 192.168.7.2 reports back fine, but then it > > says > > there is a fatal error connecting to corporate's server, 192.168.1.7. > > > > Would having this DNS error cause user problems inside my network? I did > > add > > a new user a couple of days after this change and while his permissions > > are > > set correctly, he is unable to access any of the share drives or browse my > > server through My Network Places. > > > > If this is causing my problems, I will have corporate resolve this. > > > > Thanks, > > > > >
Guest Anthony Posted September 17, 2007 Posted September 17, 2007 Re: Does DNS Replication issues cause user issues? Yes, that's the information I was referring to. Watchguard VPN: no reason for this to cause a problem. Your original post may have been referring to a dual NIC on the DC, which is why I asked. For the trust to work, you need to be able to "find" their DC's, which means resolving their DNS zone. Putting their DNS server as an alternate DNS server (I assume that's what you meant) in your DC network properties is not the way to do this, and will cause problems on your DC. The right way to do this is to create a secondary zone in your DNS server of their DNS zone. This won't affect your clients' resolution, as they are using the DNS server, not the networking properties of the DC. However it will affect the DC. What I would do: - make screenshots of how it is - make a note of the errors - take the alternate DNS server off your DC - ask them to come back and set up the trust properly. Just an additional point: who is trusting whom? Anthony http://www.airdesk.com "Brad" <Brad@discussions.microsoft.com> wrote in message news:AF86DF68-9543-49CB-916C-A055CCC5A38D@microsoft.com... > Hi Anthony, I'm not really looking for resolution to the problem, but just > in > general will DNS problems cause users to experience problems? > > Here is the situation: > > Our office is located in Cincinnati, OH and the corporate office is > located > in Kansas City. > > Prior to Sept 4th, our network was completely isolated from corporate > (this > is a franchise business) and we operated as our own entity (network wise). > > Then Sept 4th, we became the "Beta" site for a Microsoft CRM Package that > is > being hosted by our corporate office. So, they sent us a Watchguard VPN > Router that created a VPN tunnel between our network and their network. > > Corporate then created a domain trust between our only Server and one of > their servers. > > My server's IP address is 192.168.7.2 and points to itself for DNS, but > Corporate added their server, 192.168.1.7 as the secondary DNS entry onto > my > server. > > Nothing in the Event Logs show their is problems with the DNS, however > when > I run: netdiag it comes up with an error that my DNS could not communicate > with their DNS server and came back with a [Fatal Error]. > > I also ran: dnslint /ad 192.168.7.2 /s 192.168.1.7 and it would come back > with an error of something like "no authorative domain" or something like > that. I'm not at the office right now and I don't have the exact messages. > > My new user is a sales rep and he's been added to the sales group. I have > a > script that automatically maps both a Sales Drive and Office Drive. When > these 2 drives are mapped, he can access them just fine. > > He can see the share drives by going to Windows Explorer and going to > \\Cinci\. However when he clicks on the Sales Drive or Office Drive (from > the > share) he is not able to access them. It comes up with an error of > "doesn't > have permission or cannot communicate with server" or something like that. > > So I'm just wondering in general if there are DNS problems, will this > cause > problems for users. Thanks. > > > > "Anthony" wrote: > >> Brad, >> You will need to be more specific and what you have set up and what >> errors >> are occuring to get anything useful, >> What do you mean by a VPN between a DC and a remote server? How is the >> VPN >> created? >> What is the connection to the remote server for? What has that to do with >> DNS replication? What errors are your users experiencing, or is it just >> one >> user? etc >> Anthony >> http://www.airdesk.co.uk >> >> >> >> >> "Brad" <Brad@discussions.microsoft.com> wrote in message >> news:6A7D32F7-DE18-412F-A607-DD1EB65E1EAD@microsoft.com... >> > Recently our corporate office created a VPN tunnel between our PDC and >> > one >> > of >> > their servers. Our server is running Server 2003, DHCP and DNS. >> > Everything >> > was working fine (user permissions, users seeing printers etc..) until >> > corporate made this change. I ran netdiag and while I don't have the >> > exact >> > error message, my DNS server 192.168.7.2 reports back fine, but then it >> > says >> > there is a fatal error connecting to corporate's server, 192.168.1.7. >> > >> > Would having this DNS error cause user problems inside my network? I >> > did >> > add >> > a new user a couple of days after this change and while his permissions >> > are >> > set correctly, he is unable to access any of the share drives or browse >> > my >> > server through My Network Places. >> > >> > If this is causing my problems, I will have corporate resolve this. >> > >> > Thanks, >> > >> >> >>
Guest Brad Posted September 17, 2007 Posted September 17, 2007 Re: Does DNS Replication issues cause user issues? I will do as you suggest. My corporate IT is looking into it now. They setup the trusts, so I'm not sure who is trusting whom. Thanks for your help Anthony, it is greatly appreciated! "Anthony" wrote: > Yes, that's the information I was referring to. > Watchguard VPN: no reason for this to cause a problem. Your original post > may have been referring to a dual NIC on the DC, which is why I asked. > For the trust to work, you need to be able to "find" their DC's, which means > resolving their DNS zone. Putting their DNS server as an alternate DNS > server (I assume that's what you meant) in your DC network properties is not > the way to do this, and will cause problems on your DC. The right way to do > this is to create a secondary zone in your DNS server of their DNS zone. > This won't affect your clients' resolution, as they are using the DNS > server, not the networking properties of the DC. However it will affect the > DC. > What I would do: > - make screenshots of how it is > - make a note of the errors > - take the alternate DNS server off your DC > - ask them to come back and set up the trust properly. > Just an additional point: who is trusting whom? > Anthony > http://www.airdesk.com > > > > "Brad" <Brad@discussions.microsoft.com> wrote in message > news:AF86DF68-9543-49CB-916C-A055CCC5A38D@microsoft.com... > > Hi Anthony, I'm not really looking for resolution to the problem, but just > > in > > general will DNS problems cause users to experience problems? > > > > Here is the situation: > > > > Our office is located in Cincinnati, OH and the corporate office is > > located > > in Kansas City. > > > > Prior to Sept 4th, our network was completely isolated from corporate > > (this > > is a franchise business) and we operated as our own entity (network wise). > > > > Then Sept 4th, we became the "Beta" site for a Microsoft CRM Package that > > is > > being hosted by our corporate office. So, they sent us a Watchguard VPN > > Router that created a VPN tunnel between our network and their network. > > > > Corporate then created a domain trust between our only Server and one of > > their servers. > > > > My server's IP address is 192.168.7.2 and points to itself for DNS, but > > Corporate added their server, 192.168.1.7 as the secondary DNS entry onto > > my > > server. > > > > Nothing in the Event Logs show their is problems with the DNS, however > > when > > I run: netdiag it comes up with an error that my DNS could not communicate > > with their DNS server and came back with a [Fatal Error]. > > > > I also ran: dnslint /ad 192.168.7.2 /s 192.168.1.7 and it would come back > > with an error of something like "no authorative domain" or something like > > that. I'm not at the office right now and I don't have the exact messages. > > > > My new user is a sales rep and he's been added to the sales group. I have > > a > > script that automatically maps both a Sales Drive and Office Drive. When > > these 2 drives are mapped, he can access them just fine. > > > > He can see the share drives by going to Windows Explorer and going to > > \\Cinci\. However when he clicks on the Sales Drive or Office Drive (from > > the > > share) he is not able to access them. It comes up with an error of > > "doesn't > > have permission or cannot communicate with server" or something like that. > > > > So I'm just wondering in general if there are DNS problems, will this > > cause > > problems for users. Thanks. > > > > > > > > "Anthony" wrote: > > > >> Brad, > >> You will need to be more specific and what you have set up and what > >> errors > >> are occuring to get anything useful, > >> What do you mean by a VPN between a DC and a remote server? How is the > >> VPN > >> created? > >> What is the connection to the remote server for? What has that to do with > >> DNS replication? What errors are your users experiencing, or is it just > >> one > >> user? etc > >> Anthony > >> http://www.airdesk.co.uk > >> > >> > >> > >> > >> "Brad" <Brad@discussions.microsoft.com> wrote in message > >> news:6A7D32F7-DE18-412F-A607-DD1EB65E1EAD@microsoft.com... > >> > Recently our corporate office created a VPN tunnel between our PDC and > >> > one > >> > of > >> > their servers. Our server is running Server 2003, DHCP and DNS. > >> > Everything > >> > was working fine (user permissions, users seeing printers etc..) until > >> > corporate made this change. I ran netdiag and while I don't have the > >> > exact > >> > error message, my DNS server 192.168.7.2 reports back fine, but then it > >> > says > >> > there is a fatal error connecting to corporate's server, 192.168.1.7. > >> > > >> > Would having this DNS error cause user problems inside my network? I > >> > did > >> > add > >> > a new user a couple of days after this change and while his permissions > >> > are > >> > set correctly, he is unable to access any of the share drives or browse > >> > my > >> > server through My Network Places. > >> > > >> > If this is causing my problems, I will have corporate resolve this. > >> > > >> > Thanks, > >> > > >> > >> > >> > > >
Guest Brad Posted September 17, 2007 Posted September 17, 2007 Re: Does DNS Replication issues cause user issues? Hi Anthony, One more question, could licensing be an issue? We have the standard 5 CALs that came with the server and this new user would be our 6th user. If all 6 of us are logged in, could this be causing problems? If it is, we will buy the licenses, but we are using these licenses as Per user or Per Device Mode. The corporate IT guy is thinking that the DNS issue that I explained below isn't causing the issue. Thanks. "Anthony" wrote: > Yes, that's the information I was referring to. > Watchguard VPN: no reason for this to cause a problem. Your original post > may have been referring to a dual NIC on the DC, which is why I asked. > For the trust to work, you need to be able to "find" their DC's, which means > resolving their DNS zone. Putting their DNS server as an alternate DNS > server (I assume that's what you meant) in your DC network properties is not > the way to do this, and will cause problems on your DC. The right way to do > this is to create a secondary zone in your DNS server of their DNS zone. > This won't affect your clients' resolution, as they are using the DNS > server, not the networking properties of the DC. However it will affect the > DC. > What I would do: > - make screenshots of how it is > - make a note of the errors > - take the alternate DNS server off your DC > - ask them to come back and set up the trust properly. > Just an additional point: who is trusting whom? > Anthony > http://www.airdesk.com > > > > "Brad" <Brad@discussions.microsoft.com> wrote in message > news:AF86DF68-9543-49CB-916C-A055CCC5A38D@microsoft.com... > > Hi Anthony, I'm not really looking for resolution to the problem, but just > > in > > general will DNS problems cause users to experience problems? > > > > Here is the situation: > > > > Our office is located in Cincinnati, OH and the corporate office is > > located > > in Kansas City. > > > > Prior to Sept 4th, our network was completely isolated from corporate > > (this > > is a franchise business) and we operated as our own entity (network wise). > > > > Then Sept 4th, we became the "Beta" site for a Microsoft CRM Package that > > is > > being hosted by our corporate office. So, they sent us a Watchguard VPN > > Router that created a VPN tunnel between our network and their network. > > > > Corporate then created a domain trust between our only Server and one of > > their servers. > > > > My server's IP address is 192.168.7.2 and points to itself for DNS, but > > Corporate added their server, 192.168.1.7 as the secondary DNS entry onto > > my > > server. > > > > Nothing in the Event Logs show their is problems with the DNS, however > > when > > I run: netdiag it comes up with an error that my DNS could not communicate > > with their DNS server and came back with a [Fatal Error]. > > > > I also ran: dnslint /ad 192.168.7.2 /s 192.168.1.7 and it would come back > > with an error of something like "no authorative domain" or something like > > that. I'm not at the office right now and I don't have the exact messages. > > > > My new user is a sales rep and he's been added to the sales group. I have > > a > > script that automatically maps both a Sales Drive and Office Drive. When > > these 2 drives are mapped, he can access them just fine. > > > > He can see the share drives by going to Windows Explorer and going to > > \\Cinci\. However when he clicks on the Sales Drive or Office Drive (from > > the > > share) he is not able to access them. It comes up with an error of > > "doesn't > > have permission or cannot communicate with server" or something like that. > > > > So I'm just wondering in general if there are DNS problems, will this > > cause > > problems for users. Thanks. > > > > > > > > "Anthony" wrote: > > > >> Brad, > >> You will need to be more specific and what you have set up and what > >> errors > >> are occuring to get anything useful, > >> What do you mean by a VPN between a DC and a remote server? How is the > >> VPN > >> created? > >> What is the connection to the remote server for? What has that to do with > >> DNS replication? What errors are your users experiencing, or is it just > >> one > >> user? etc > >> Anthony > >> http://www.airdesk.co.uk > >> > >> > >> > >> > >> "Brad" <Brad@discussions.microsoft.com> wrote in message > >> news:6A7D32F7-DE18-412F-A607-DD1EB65E1EAD@microsoft.com... > >> > Recently our corporate office created a VPN tunnel between our PDC and > >> > one > >> > of > >> > their servers. Our server is running Server 2003, DHCP and DNS. > >> > Everything > >> > was working fine (user permissions, users seeing printers etc..) until > >> > corporate made this change. I ran netdiag and while I don't have the > >> > exact > >> > error message, my DNS server 192.168.7.2 reports back fine, but then it > >> > says > >> > there is a fatal error connecting to corporate's server, 192.168.1.7. > >> > > >> > Would having this DNS error cause user problems inside my network? I > >> > did > >> > add > >> > a new user a couple of days after this change and while his permissions > >> > are > >> > set correctly, he is unable to access any of the share drives or browse > >> > my > >> > server through My Network Places. > >> > > >> > If this is causing my problems, I will have corporate resolve this. > >> > > >> > Thanks, > >> > > >> > >> > >> > > >
Guest Anthony Posted September 17, 2007 Posted September 17, 2007 Re: Does DNS Replication issues cause user issues? Hi Brad, Glad to help. The reason I ask about the trust is: - if they are trusting you, then fine, but who else are they trusting and could those other people potentially end up connected to you? - if you are trusting them, what protection do you have if something bad happens? Also, the Watchguard VPN is a nice easy way to make the connection, but if they do the same for everyone, how do you know who has access to your network? I would be inclined to put the Watchguard box on a separate DMZ of your network, with no access except through your firewall. That way, for example, you remain in control of who has access to your network. Anthony, http://www.airdesk.com "Brad" <Brad@discussions.microsoft.com> wrote in message news:D7BFF077-C5D1-47BC-81AE-8A6369FCE437@microsoft.com... >I will do as you suggest. My corporate IT is looking into it now. > > They setup the trusts, so I'm not sure who is trusting whom. > > Thanks for your help Anthony, it is greatly appreciated! > > "Anthony" wrote: > >> Yes, that's the information I was referring to. >> Watchguard VPN: no reason for this to cause a problem. Your original post >> may have been referring to a dual NIC on the DC, which is why I asked. >> For the trust to work, you need to be able to "find" their DC's, which >> means >> resolving their DNS zone. Putting their DNS server as an alternate DNS >> server (I assume that's what you meant) in your DC network properties is >> not >> the way to do this, and will cause problems on your DC. The right way to >> do >> this is to create a secondary zone in your DNS server of their DNS zone. >> This won't affect your clients' resolution, as they are using the DNS >> server, not the networking properties of the DC. However it will affect >> the >> DC. >> What I would do: >> - make screenshots of how it is >> - make a note of the errors >> - take the alternate DNS server off your DC >> - ask them to come back and set up the trust properly. >> Just an additional point: who is trusting whom? >> Anthony >> http://www.airdesk.com >> >> >> >> "Brad" <Brad@discussions.microsoft.com> wrote in message >> news:AF86DF68-9543-49CB-916C-A055CCC5A38D@microsoft.com... >> > Hi Anthony, I'm not really looking for resolution to the problem, but >> > just >> > in >> > general will DNS problems cause users to experience problems? >> > >> > Here is the situation: >> > >> > Our office is located in Cincinnati, OH and the corporate office is >> > located >> > in Kansas City. >> > >> > Prior to Sept 4th, our network was completely isolated from corporate >> > (this >> > is a franchise business) and we operated as our own entity (network >> > wise). >> > >> > Then Sept 4th, we became the "Beta" site for a Microsoft CRM Package >> > that >> > is >> > being hosted by our corporate office. So, they sent us a Watchguard VPN >> > Router that created a VPN tunnel between our network and their network. >> > >> > Corporate then created a domain trust between our only Server and one >> > of >> > their servers. >> > >> > My server's IP address is 192.168.7.2 and points to itself for DNS, but >> > Corporate added their server, 192.168.1.7 as the secondary DNS entry >> > onto >> > my >> > server. >> > >> > Nothing in the Event Logs show their is problems with the DNS, however >> > when >> > I run: netdiag it comes up with an error that my DNS could not >> > communicate >> > with their DNS server and came back with a [Fatal Error]. >> > >> > I also ran: dnslint /ad 192.168.7.2 /s 192.168.1.7 and it would come >> > back >> > with an error of something like "no authorative domain" or something >> > like >> > that. I'm not at the office right now and I don't have the exact >> > messages. >> > >> > My new user is a sales rep and he's been added to the sales group. I >> > have >> > a >> > script that automatically maps both a Sales Drive and Office Drive. >> > When >> > these 2 drives are mapped, he can access them just fine. >> > >> > He can see the share drives by going to Windows Explorer and going to >> > \\Cinci\. However when he clicks on the Sales Drive or Office Drive >> > (from >> > the >> > share) he is not able to access them. It comes up with an error of >> > "doesn't >> > have permission or cannot communicate with server" or something like >> > that. >> > >> > So I'm just wondering in general if there are DNS problems, will this >> > cause >> > problems for users. Thanks. >> > >> > >> > >> > "Anthony" wrote: >> > >> >> Brad, >> >> You will need to be more specific and what you have set up and what >> >> errors >> >> are occuring to get anything useful, >> >> What do you mean by a VPN between a DC and a remote server? How is the >> >> VPN >> >> created? >> >> What is the connection to the remote server for? What has that to do >> >> with >> >> DNS replication? What errors are your users experiencing, or is it >> >> just >> >> one >> >> user? etc >> >> Anthony >> >> http://www.airdesk.co.uk >> >> >> >> >> >> >> >> >> >> "Brad" <Brad@discussions.microsoft.com> wrote in message >> >> news:6A7D32F7-DE18-412F-A607-DD1EB65E1EAD@microsoft.com... >> >> > Recently our corporate office created a VPN tunnel between our PDC >> >> > and >> >> > one >> >> > of >> >> > their servers. Our server is running Server 2003, DHCP and DNS. >> >> > Everything >> >> > was working fine (user permissions, users seeing printers etc..) >> >> > until >> >> > corporate made this change. I ran netdiag and while I don't have the >> >> > exact >> >> > error message, my DNS server 192.168.7.2 reports back fine, but then >> >> > it >> >> > says >> >> > there is a fatal error connecting to corporate's server, >> >> > 192.168.1.7. >> >> > >> >> > Would having this DNS error cause user problems inside my network? I >> >> > did >> >> > add >> >> > a new user a couple of days after this change and while his >> >> > permissions >> >> > are >> >> > set correctly, he is unable to access any of the share drives or >> >> > browse >> >> > my >> >> > server through My Network Places. >> >> > >> >> > If this is causing my problems, I will have corporate resolve this. >> >> > >> >> > Thanks, >> >> > >> >> >> >> >> >> >> >> >>
Guest Anthony Posted September 17, 2007 Posted September 17, 2007 Re: Does DNS Replication issues cause user issues? Hi Brad, If we are talking about Windows CALs and not TS CALs then no. We didn't discuss in detail what actual errors you were getting. But having an alternate DNS server that does not contain the AD zone is a bad idea. Anthony, http://www.airdesk.com "Brad" <Brad@discussions.microsoft.com> wrote in message news:C03481E8-9138-4D6F-8A27-33CAF66FBC93@microsoft.com... > Hi Anthony, > > One more question, could licensing be an issue? We have the standard 5 > CALs > that came with the server and this new user would be our 6th user. If all > 6 > of us are logged in, could this be causing problems? If it is, we will buy > the licenses, but we are using these licenses as Per user or Per Device > Mode. > > The corporate IT guy is thinking that the DNS issue that I explained below > isn't causing the issue. Thanks. > > "Anthony" wrote: > >> Yes, that's the information I was referring to. >> Watchguard VPN: no reason for this to cause a problem. Your original post >> may have been referring to a dual NIC on the DC, which is why I asked. >> For the trust to work, you need to be able to "find" their DC's, which >> means >> resolving their DNS zone. Putting their DNS server as an alternate DNS >> server (I assume that's what you meant) in your DC network properties is >> not >> the way to do this, and will cause problems on your DC. The right way to >> do >> this is to create a secondary zone in your DNS server of their DNS zone. >> This won't affect your clients' resolution, as they are using the DNS >> server, not the networking properties of the DC. However it will affect >> the >> DC. >> What I would do: >> - make screenshots of how it is >> - make a note of the errors >> - take the alternate DNS server off your DC >> - ask them to come back and set up the trust properly. >> Just an additional point: who is trusting whom? >> Anthony >> http://www.airdesk.com >> >> >> >> "Brad" <Brad@discussions.microsoft.com> wrote in message >> news:AF86DF68-9543-49CB-916C-A055CCC5A38D@microsoft.com... >> > Hi Anthony, I'm not really looking for resolution to the problem, but >> > just >> > in >> > general will DNS problems cause users to experience problems? >> > >> > Here is the situation: >> > >> > Our office is located in Cincinnati, OH and the corporate office is >> > located >> > in Kansas City. >> > >> > Prior to Sept 4th, our network was completely isolated from corporate >> > (this >> > is a franchise business) and we operated as our own entity (network >> > wise). >> > >> > Then Sept 4th, we became the "Beta" site for a Microsoft CRM Package >> > that >> > is >> > being hosted by our corporate office. So, they sent us a Watchguard VPN >> > Router that created a VPN tunnel between our network and their network. >> > >> > Corporate then created a domain trust between our only Server and one >> > of >> > their servers. >> > >> > My server's IP address is 192.168.7.2 and points to itself for DNS, but >> > Corporate added their server, 192.168.1.7 as the secondary DNS entry >> > onto >> > my >> > server. >> > >> > Nothing in the Event Logs show their is problems with the DNS, however >> > when >> > I run: netdiag it comes up with an error that my DNS could not >> > communicate >> > with their DNS server and came back with a [Fatal Error]. >> > >> > I also ran: dnslint /ad 192.168.7.2 /s 192.168.1.7 and it would come >> > back >> > with an error of something like "no authorative domain" or something >> > like >> > that. I'm not at the office right now and I don't have the exact >> > messages. >> > >> > My new user is a sales rep and he's been added to the sales group. I >> > have >> > a >> > script that automatically maps both a Sales Drive and Office Drive. >> > When >> > these 2 drives are mapped, he can access them just fine. >> > >> > He can see the share drives by going to Windows Explorer and going to >> > \\Cinci\. However when he clicks on the Sales Drive or Office Drive >> > (from >> > the >> > share) he is not able to access them. It comes up with an error of >> > "doesn't >> > have permission or cannot communicate with server" or something like >> > that. >> > >> > So I'm just wondering in general if there are DNS problems, will this >> > cause >> > problems for users. Thanks. >> > >> > >> > >> > "Anthony" wrote: >> > >> >> Brad, >> >> You will need to be more specific and what you have set up and what >> >> errors >> >> are occuring to get anything useful, >> >> What do you mean by a VPN between a DC and a remote server? How is the >> >> VPN >> >> created? >> >> What is the connection to the remote server for? What has that to do >> >> with >> >> DNS replication? What errors are your users experiencing, or is it >> >> just >> >> one >> >> user? etc >> >> Anthony >> >> http://www.airdesk.co.uk >> >> >> >> >> >> >> >> >> >> "Brad" <Brad@discussions.microsoft.com> wrote in message >> >> news:6A7D32F7-DE18-412F-A607-DD1EB65E1EAD@microsoft.com... >> >> > Recently our corporate office created a VPN tunnel between our PDC >> >> > and >> >> > one >> >> > of >> >> > their servers. Our server is running Server 2003, DHCP and DNS. >> >> > Everything >> >> > was working fine (user permissions, users seeing printers etc..) >> >> > until >> >> > corporate made this change. I ran netdiag and while I don't have the >> >> > exact >> >> > error message, my DNS server 192.168.7.2 reports back fine, but then >> >> > it >> >> > says >> >> > there is a fatal error connecting to corporate's server, >> >> > 192.168.1.7. >> >> > >> >> > Would having this DNS error cause user problems inside my network? I >> >> > did >> >> > add >> >> > a new user a couple of days after this change and while his >> >> > permissions >> >> > are >> >> > set correctly, he is unable to access any of the share drives or >> >> > browse >> >> > my >> >> > server through My Network Places. >> >> > >> >> > If this is causing my problems, I will have corporate resolve this. >> >> > >> >> > Thanks, >> >> > >> >> >> >> >> >> >> >> >>
Recommended Posts