My proposed solution below seems to have done the trick. The PDC is acting as the DNS server for the .local zone. For whatever reason, Windows XP requires that the DNS lookups for that zone resolve correctly, so to access a server in the domain called <machineName> with IP address 192.168.100.10, Windows XP clients in their network need the IP address to resolve to <machineName>.<domain>.local. For whatever reason, Win2K clients were able to resolve the IP address to the name without the DNS configuration change.
On Thu, Mar 19, 2009 at 5:31 PM, Robert Munn <[email protected]> wrote: > solved, finally. i'll post more details when i have something other > than my phone to type on... > > On 3/19/09, Michael Grant <[email protected]> wrote: > > > > Whadya find out? > > > > >> My proposed solution, which I have not had time to thoroughly test, is > to > >> point everyone's DNS at the pfSense appliance, and have it point to the > >> domain controller first and the ISP DNS second. That allows us to use > the > >> firewall's DNS forwarder service to override DNS entries for public > sites > >> with their internal addresses, and still use the PDC for internal name > >> resolution. > >> > >> Going back to the basic problem, Windows 2K users are not affected, so > it > >> seems like something changed in the trust relationship subsystem between > >> Win2K and XP, and XP isn't able to cope with whatever Win2K is trying to > >> do. > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;207172674;29440083;f Archive: http://www.houseoffusion.com/groups/cf-community/message.cfm/messageid:292382 Subscription: http://www.houseoffusion.com/groups/cf-community/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.5
