Hello,

For Active Directory (AD) to work you need a DNS server that accepts dynamic changes. BIND can be configured to do this but it is not trivial. I'm not sure if DJBDNS (tinyDNS or DNScache) can be configured to do this. DNS is the heart of how AD gives information on which server is the Kerberos server, LDAP server, Global Catalog Server (if you have more than one Domain Controller), etc. This is accomplished by adding special records in DNS. If the DNS server does not handle these updates properly you will have a lot of problems. Most AD problems are caused by incorrectly configured DNS. The simplest and easiest way to have AD work correctly is to install your domain controller as the DNS server.

DHCP is another story. The router can remain the DHCP server if you wish but it must give out the correct DNS server address for AD to function.

Hope this helps,

On Fri, 2008-09-05 at 12:02 +0200, Gordon Bos wrote:
> Boris,
>
> If you run Windows 2003 Server as a domain-controller for Windows XP or
> Vista workstations then the Windows 2003 server *has* to be the DNS
> server and possibly DHCP as well.
>
> A typical symptom of having a different server perform these roles is
> when logging onto the domain, authentication and loading of a relatively
> small roaming profile can literally take ages to complete.
>
> The simplest approach would be to attach the firewall directly to a
> second NIC on the Windows 2003 server and let Windows handle the
> internet traffic. The alternative is to alter the default router
> configuration in Microsoft's DHCP server or manually set this value in
> the workstations IP properties.
>
> Gordon
>
> Boris wrote:
> > Hej all,
> >
> > I'm sorry to annoy you with that off-topic theme, but I'm quite sure
> > there is somebody with the right knowledge on this list because the
> > setup is quite common and I'm hoping strongly for help. Here's the story:
> >
> > I have a small network connected to the web with a Bering uClibc that
> > works as dhcpd and of course dns server. Center of the network is a
> > Windows 2003 SmallBusinessServer as domain-controller, file-, print-,
> > and MSSQL-server. The network is slow and I get a lot of serious errors
> > in the event-logs that seem to cause the bad performance:
> >
> >> event-id 4004: The DNS server was unable to complete directory service
> > enumeration of zone .. This DNS server is configured to use information
> > obtained from Active Directory for this zone and is unable to load the
> > zone without it. Check that the Active Directory is functioning properly
> > and repeat enumeration of the zone. The event data contains the error.
> >
> >> event-id 4015: The DNS server has encountered a critical error from
> > the Active Directory. Check that the Active Directory is functioning
> > properly. The event data contains the error.
> >
> > I agree my question is quite flat but it is simple: What should I look
> > for and what can I do?
> >
> > My own brain puts out something like this:
> >
> > - I don't want to make the windows server dhcpd.
> >
> > - afaik Windows Active Directory needs the own DNS-Service, so it's
> > impossible to deactivate it.
> >
> > - Could the problem be solved through building something like a
> > dns-cascade (windows-server asks bering-box -> bering-box asks
> > windows-server). How can I do something like this?
> >
> > Thanks a lot for your ideas!
> >
> > Boris
> >
>
> leaf-user mailing list: leaf-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/leaf-user
> Support Request -- http://leaf-project.org/

--
Trev Peterson
Advanced Reality
Email: [EMAIL PROTECTED]
Phone: +1 847 406 9018
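
The "special records" mentioned in the reply above are SRV locator records that a domain controller registers by dynamic update. As an added example (not part of the original thread), this sketch audits a BIND-style zone file for them; the domain `corp.example.test`, the sample zone and the function name are constructed, and a single-domain forest with one SRV record per line is assumed.

```python
import re

# Locator SRV records a domain controller registers via dynamic update, with
# the expected service port (assumes a single-domain forest, so _gc is here too).
AD_SRV = {
    "_ldap._tcp": 389, "_ldap._tcp.dc._msdcs": 389, "_ldap._tcp.pdc._msdcs": 389,
    "_kerberos._tcp": 88, "_kerberos._udp": 88, "_kpasswd._tcp": 464,
    "_gc._tcp": 3268,
}

SRV_LINE = re.compile(
    r"^(?P<owner>\S+)\s+(?:\d+\s+)?(?:IN\s+)?SRV\s+"
    r"(?P<prio>\d+)\s+(?P<weight>\d+)\s+(?P<port>\d+)\s+(?P<target>\S+)",
    re.IGNORECASE,
)

# Constructed sample zone: two records missing, one on the wrong port.
SAMPLE_ZONE = """\
$ORIGIN corp.example.test.
_ldap._tcp              600 IN SRV 0 100 389 dc1.corp.example.test.
_ldap._tcp.dc._msdcs    600 IN SRV 0 100 389 dc1.corp.example.test.
_kerberos._tcp          600 IN SRV 0 100 88  dc1.corp.example.test.
_kerberos._udp.corp.example.test. 600 IN SRV 0 100 88 dc1.corp.example.test.
_gc._tcp                600 IN SRV 0 100 389 dc1.corp.example.test. ; constructed error
"""

def audit_zone(zone_text, domain):
    """Return {record: problem} for each missing or mis-ported locator record."""
    origin = domain.rstrip(".").lower()
    found = {}
    for raw in zone_text.splitlines():
        m = SRV_LINE.match(raw.split(";", 1)[0])    # ignore zone-file comments
        if not m:
            continue
        owner = m["owner"].lower()
        if owner.endswith("."):                     # absolute name: make relative
            owner = owner[:-1]
            if not owner.endswith("." + origin):
                continue                            # belongs to another zone
            owner = owner[: -len(origin) - 1]
        found.setdefault(owner, set()).add(int(m["port"]))
    problems = {}
    for name, port in AD_SRV.items():
        if name not in found:
            problems[name] = "missing"
        elif port not in found[name]:
            problems[name] = f"wrong port {sorted(found[name])}, expected {port}"
    return problems

if __name__ == "__main__":
    for name, problem in audit_zone(SAMPLE_ZONE, "corp.example.test").items():
        print(f"{name}: {problem}")
```
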