Setup the reverse lookup zone and add the PTR records. You should be OK then.
Chris Bodnar, MCSE Sr. Systems Engineer Infrastructure Service Delivery Distributed Systems Service Delivery - Intel Services Guardian Life Insurance Company of America Email: [email protected] Phone: 610-807-6459 Fax: 610-807-6003 -----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Wednesday, September 30, 2009 1:45 PM To: NT System Admin Issues Subject: Re: How to set up a private network on VMware ESX for testing purposes On Wed, Sep 30, 2009 at 12:54 PM, Jonathan Link <[email protected]> wrote: > You didn't mention it in your detail, so I would be remiss if I didn't > ask. Did you add the workstations as hosts in the DNS snapin if you're not > using DHCP? I am not using DHCP in the private network; all hosts have static addresses. The workstation IPs are not in DNS; why would they need to be, I wonder? Shouldn't the DNS just answer, especially if I ask the DNS server about itself ? :-) The host I am querying about, is the DNS server itself, so it has an entry for itself (no reverse, as I made no reverse zone zone. The reverse isn't required to do a lookup by FQDN). i.e., when I say "nslookup WDC003", WDC003 is the DNS server, and the machine I am issuing the nslookup from (TST002) , has WDC003 as it's DNS server definition in TCP/IP properties. > IF you are using DHCP are you creating the host entries via dynamic updates? No DHCP in use on the private domain. > > > On Wed, Sep 30, 2009 at 12:20 PM, Michael Leone <[email protected]> wrote: >> >> So I run a Win2000 domain (in a parent/child configuration), and want >> to move up to Win2003. Additionally, I run a ESX cluster. In there >> are virtual DCs, one for the root, one for the child. >> So I thought to make a private network (using a virtual switch, >> attached to no physical NICs), and replicate my domains, and practice >> the upgrade. And test anything else, as needed. >> >> So I took a clone of each of the DCs, and assigned them to this >> virtual switch. Changed their IP addresses to use something different >> than my production IP range. Both are DNS servers. So I'm testing, to >> see if everything is configured correctly, before practicing the >> upgrade. And I have a DNS issue already ... >> >> I changed each DC to point to itself as DNS. I added a couple >> non-domain member workstations, and pointed their DNS at the 2 DCs >> (child DC first, then parent). And I did a nslookup from one of these >> non-domain members ... >> >> >nslookup <child-DC FQDN> >> DNS request timed out. >> timeout was 2 seconds. >> *** Can't find server name for address 172.16.7.65: Timed out >> DNS request timed out. >> timeout was 2 seconds. >> *** Can't find server name for address 172.16.7.64: Timed out >> *** Default servers are not available >> Server: UnKnown >> Address: 172.16.7.65 >> >> Name: <child-DC FQDN> >> Address: 172.16.7.65 >> >> (child DC = 172.16.7.65; parent DC = 172.16.7.64) >> >> So eventually, it came back with the right info. But I am unclear as >> to why I am getting the errors above. Can anyone shed any light? >> >> Any steps I've left out? I didn't make a subnet entry in "Sites and >> Services" for the "172.16.x.x" range; would I need to? I haven't done >> any domain changes (i.e., haven't seized any FSMO roles). >> I have IP connectivity, as I can ping all machines by IP address, and >> get a response. I have no gateway defined, but that shouldn't matter, >> should it? >> >> I'm missing something relatively simple, I feel sure. But I dunno what >> .... >> >> Thanks >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ----------------------------------------- This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete the message and any attachments. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
