DNS problem- not for the faint hearted!

[mwilson 0]

I have two domain controllers, one called H and and the other P.

 

H is the domain controller, its the master for active directory, DNS etc (or supposed to be)

 

P runs a mail program, accounts package and a web proxy application.

 

I keep having this problem where H and P lose the connection to the entire network, (not physcially), no one can access either and i have to keep messing with the DNS till it works.

 

Being honest i dont have a clue what im doing.

 

I want H to send a copy of the DNS to P.

 

Also H can ping P but P cant be ping H. After messing with the DNS i can use everything on both servers but things like unable to browse the network and unable to ping with P crops up.

 

Any ideas?

 

thanks

[clutch 1]

H should be hosting DNS, and you should have your particular zone (mydomain.com or whatever you have) configured for AD Integration (you could use primary and secondary zones, but if this is a closed environment in a small network you shouldn't bother - also, use Secure Dynamic Updates for your clients if you can). It should have its own network adapter pointing to itself for name resolution, and be configured to use a forwarder to your ISP's DNS box(es) for outside name resolution. You should have static records for your server, and an MX record along with other aliases (records that point to your static server records) for other services, such as mail.mydomain.com, www.mydomain.com, ftp.mydomain.com, etc. After this, all clients and member servers should have their respective IP paremeters point to H for name resolution.

 

In a multi-DC environment, you should have H point to itself, with P pointing to H (remember, using AD integrated DNS is recommended and makes this a lot easier to manage) for DNS resolution during P's dcpromo process. Once that is completed and P has rebooted, install the DNS service on P. When you open the DNS console on P, you will see the DNS zone for your domain already loaded (or still loading, depending on its size) and ready to go. At this point, configure P to point to itself for DNS resolution, with both H and P pointing to each other as alternate DNS entries (this is assuming that you are using Windows Server 2003, as it does not "island" in this configuration).

 

Having said that, you normally would not want to install other services and applications on a domain controller.