Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Active directory

04 Feb 2012   #11
cluberti

Windows 10 Pro x64
 
 

Quote   Quote: Originally Posted by ajishb03 View Post
Thank you for your reply too. Ok if internet is not required for active directory to work, then that means DNS server works for intranet as well??? Because I learned active directory cannot work without DNS server and I thought DNS server works only for internet. If DNS works for intranet (locally) then why we use www.x.com for domain.. could www be used locally for an intranet???
Woah, hold on there .

So, what you had heard is partially correct - Active Directory (any server version, any domain or forest level) absolutely requires DNS to work. Everything in active directory itself relies on DNS in some way, shape, or form, and without it AD doesn't work, computers can't authenticate, join the domain, etc. So, yes, DNS is required for Active Directory to work, and that is why you really want to install the DNS server role on your server before you install and enable the Active Directory role (the AD installation wizard will configure DNS properly for you after asking you a few questions about your domain).

However, having a DNS domain does not have anything to do with the internet - in fact, almost every AD domain out there in existence doesn't have any integration with internet-facing DNS servers short of forwarding or discovery. Also, using a root-level DNS domain for an internal domain structure, unless you are using it specifically for that purpose, is neither recommended nor a good/best practice. For example, if you owned the domain "mydomain.com", and you wanted to use that for Active Directory, that would break things like www.mydomain.com, unless you added an A record into DNS manually (or actually had a host called www in your domain - also not a good idea, in either case ).

What you should be doing, is using the name of a new subdomain of "mydomain.com", perhaps called "ad.mydomain.com", when you set up your AD infrastructure. That will create an Active Directory Forest root called "ad.mydomain.com", and the netbios domain name (unless you changed it) would be "AD". You could then easily create child domains in this forest later (for example, "sales.ad.mydomain.com" or "marketing.ad.mydomain.com") as necessary. Again, NONE of this has anything to do with the public "mydomain.com" other than you are now using it as part of your DNS naming structure for AD.

Hopefully that makes some sense - if it doesn't, I strongly suggest doing a little more reading/research into AD itself, as these are pretty basic questions about the foundations of Active Directory.
How DNS Support for Active Directory Works: Active Directory


My System SpecsSystem Spec
.
04 Feb 2012   #12
Lemur

Systems 1 and 2: Windows 7 Enterprise x64, Win 8 Developer
 
 

Quote   Quote: Originally Posted by ajishb03 View Post
Quote   Quote: Originally Posted by 2xg View Post
Hi ajishb03,

If you are up for a big challenge, you may configure your Windows 2008 Server as a Domain Controller, AD will be created automatically. It is always a good practice to configure DHCP and don't forget the DNS from the Server, then you may create/add all 10 Users in AD Users & Computers - see Lemur's Post on how to join a computer in your Domain Controller.

If you decide not to configure DHCP in your Server, you may enable DHCP from your Router (it will create conflict if your have both enabled). Make sure that all your 10 PC's have DHCP or Auto IP Enabled, they will have to receive the IP Addresses from your Router or Server. You will get the IPIPA Addressing if the IP is not configured properly from your network.

If this is the first time that you are setting up a Domain Network, you will need to do a lot of reading and training. A few others will go through some professional In-Person training, I was one of those.

A good Tutorial here on how to configure a Windows 2008 Server as your first DC.

You don't have to have a Domain Network, Workgroup will also do.

Hope this helps.
Thank you so much... so do you mean we could set an active directory on a work group as well. ??
With a workgroup, all administration would be done at the local pc. Not appropriate for AD. The domain provides a single point of administration (e.g., login script, policies, accts, etc). Stay with the domain for active directory.
My System SpecsSystem Spec
04 Feb 2012   #13
pparks1

Windows 7 Ultimate x64
 
 

Quote   Quote: Originally Posted by ajishb03 View Post
Thank you for your reply too. Ok if internet is not required for active directory to work, then that means DNS server works for intranet as well??? Because I learned active directory cannot work without DNS server and I thought DNS server works only for internet. If DNS works for intranet (locally) then why we use www.x.com for domain.. could www be used locally for an intranet???
It is true that Active Directory relies on DNS to work. And when you install a server and run dcpromo, it will allow you to install a DNS server as well. Even on a network without internet access, you will have an internal DNS namespace. For example, EXAMPLE.LOCAL. Therefore, if you named your server Pablo, you would have a host called pablo.example.local. And you might have a workstation named tiger and a workstation named lion, thus you would have tiger.example.local and lion.example.local. All DNS is is a way to resolve hostnames on a network, it doesn't matter whether that network is a small private network, a larger corporate network, or on the Internet.
My System SpecsSystem Spec
.

05 Feb 2012   #14
ajishb03

windows 7 Home premium 64 bit
 
 

Quote   Quote: Originally Posted by pparks1 View Post
Quote   Quote: Originally Posted by ajishb03 View Post
Thank you for your reply too. Ok if internet is not required for active directory to work, then that means DNS server works for intranet as well??? Because I learned active directory cannot work without DNS server and I thought DNS server works only for internet. If DNS works for intranet (locally) then why we use www.x.com for domain.. could www be used locally for an intranet???
It is true that Active Directory relies on DNS to work. And when you install a server and run dcpromo, it will allow you to install a DNS server as well. Even on a network without internet access, you will have an internal DNS namespace. For example, EXAMPLE.LOCAL. Therefore, if you named your server Pablo, you would have a host called pablo.example.local. And you might have a workstation named tiger and a workstation named lion, thus you would have tiger.example.local and lion.example.local. All DNS is is a way to resolve hostnames on a network, it doesn't matter whether that network is a small private network, a larger corporate network, or on the Internet.
fabulous......cleared..thanks...
My System SpecsSystem Spec
05 Feb 2012   #15
ajishb03

windows 7 Home premium 64 bit
 
 

Quote   Quote: Originally Posted by Lemur View Post
Quote   Quote: Originally Posted by ajishb03 View Post
Quote   Quote: Originally Posted by 2xg View Post
Hi ajishb03,

If you are up for a big challenge, you may configure your Windows 2008 Server as a Domain Controller, AD will be created automatically. It is always a good practice to configure DHCP and don't forget the DNS from the Server, then you may create/add all 10 Users in AD Users & Computers - see Lemur's Post on how to join a computer in your Domain Controller.

If you decide not to configure DHCP in your Server, you may enable DHCP from your Router (it will create conflict if your have both enabled). Make sure that all your 10 PC's have DHCP or Auto IP Enabled, they will have to receive the IP Addresses from your Router or Server. You will get the IPIPA Addressing if the IP is not configured properly from your network.

If this is the first time that you are setting up a Domain Network, you will need to do a lot of reading and training. A few others will go through some professional In-Person training, I was one of those.

A good Tutorial here on how to configure a Windows 2008 Server as your first DC.

You don't have to have a Domain Network, Workgroup will also do.

Hope this helps.
Thank you so much... so do you mean we could set an active directory on a work group as well. ??
With a workgroup, all administration would be done at the local pc. Not appropriate for AD. The domain provides a single point of administration (e.g., login script, policies, accts, etc). Stay with the domain for active directory.
thank you
My System SpecsSystem Spec
05 Feb 2012   #16
ajishb03

windows 7 Home premium 64 bit
 
 

Quote   Quote: Originally Posted by cluberti View Post
Quote   Quote: Originally Posted by ajishb03 View Post
Thank you for your reply too. Ok if internet is not required for active directory to work, then that means DNS server works for intranet as well??? Because I learned active directory cannot work without DNS server and I thought DNS server works only for internet. If DNS works for intranet (locally) then why we use www.x.com for domain.. could www be used locally for an intranet???
Woah, hold on there .

So, what you had heard is partially correct - Active Directory (any server version, any domain or forest level) absolutely requires DNS to work. Everything in active directory itself relies on DNS in some way, shape, or form, and without it AD doesn't work, computers can't authenticate, join the domain, etc. So, yes, DNS is required for Active Directory to work, and that is why you really want to install the DNS server role on your server before you install and enable the Active Directory role (the AD installation wizard will configure DNS properly for you after asking you a few questions about your domain).

However, having a DNS domain does not have anything to do with the internet - in fact, almost every AD domain out there in existence doesn't have any integration with internet-facing DNS servers short of forwarding or discovery. Also, using a root-level DNS domain for an internal domain structure, unless you are using it specifically for that purpose, is neither recommended nor a good/best practice. For example, if you owned the domain "mydomain.com", and you wanted to use that for Active Directory, that would break things like www.mydomain.com, unless you added an A record into DNS manually (or actually had a host called www in your domain - also not a good idea, in either case ).

What you should be doing, is using the name of a new subdomain of "mydomain.com", perhaps called "ad.mydomain.com", when you set up your AD infrastructure. That will create an Active Directory Forest root called "ad.mydomain.com", and the netbios domain name (unless you changed it) would be "AD". You could then easily create child domains in this forest later (for example, "sales.ad.mydomain.com" or "marketing.ad.mydomain.com") as necessary. Again, NONE of this has anything to do with the public "mydomain.com" other than you are now using it as part of your DNS naming structure for AD.

Hopefully that makes some sense - if it doesn't, I strongly suggest doing a little more reading/research into AD itself, as these are pretty basic questions about the foundations of Active Directory.
How DNS Support for Active Directory Works: Active Directory
yup i am researching thanks...
My System SpecsSystem Spec
05 Feb 2012   #17
cluberti

Windows 10 Pro x64
 
 

Good luck
My System SpecsSystem Spec
07 Feb 2012   #18
ajishb03

windows 7 Home premium 64 bit
 
 

why some domains have 2 domain controllers ? Is this for load balancing?
My System SpecsSystem Spec
07 Feb 2012   #19
Lemur

Systems 1 and 2: Windows 7 Enterprise x64, Win 8 Developer
 
 

Redundancy. If the primary DC fails, the other takes over. They both have copies of the AD.
My System SpecsSystem Spec
07 Feb 2012   #20
ajishb03

windows 7 Home premium 64 bit
 
 

I actually wanted to work out how active directory work in corporate world as I dont have any experience in working with active directory.
DNS has all the records for the domain which is distributed in different zones like primary and secondary. Now in the domain we have users. Now my question is what sort of records or resources are the user updating in the DNS for eg. the concept of dynamic update and non dynamic update. And why the updates should sometimes be secure?

If the user logins to the given credentials to him or her and if he uses internet to browse how this could be related to the DNS dynamic update??
My System SpecsSystem Spec
Reply

 Active directory




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Frustrations with Active directory
I had some previous problems installing it but now there's still something wrong: now the right program is installed, the control panel changes have been made; I'm on the right domain; but something is wrong & I can't use it for the purpose it was intended, which is to find users & computers on...
General Discussion
Best NAS for Windows 7 & Active Directory
I have a very small AD setup at home with an EON Storage NAS which is a build of OpenSolaris. I didn't do nearly as much testing up front as I wanted to, but it seemed to be a pretty solid OS. The problem I'm having now is the lack of OpenSolaris knowledge I have when trying to optimize...
Network & Sharing
Active Directory Services is Currently not available
For some reason Word 2010 Starter has an error pop up when I try to have it find my printer. It doesn't have a printer selected, so I go to it and click 'add printer' and an error comes up saying "Find Directory: Active Directory Domain Services is currently unavailable". The printer isn't even a...
Hardware & Devices
Active Directory Information
I need an online free source where I could read basic information about AD. I would like to get a fairly good understanding of it. Where could I get one site or a couple to get very good information? Thanks!
General Discussion
Active Directory Domain not available
Hello, I'm having problems connecting a printer to my laptop. The printer was working but when my laptop went away for repair it did not work on its return. The printer works on my macbook and my PC running Vista however it will not run on the laptop running Windows 7 home premium 64 bit. ...
Hardware & Devices
add TABS to my Active Directory
http://www.sevenforums.com/attachments/general-discussion/65865-need-taps-ad-untitled.jpg Please see this link, I need to add TABS to my Active Directory Users and Computers. I am running Windows 7, 64 Bit).
General Discussion


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 01:55.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App