Question

  • #2172529

    How to join Win 7 to 2003 AD domain without DNS server

    by dorahoney ·

    Hi all

    I am new to this stuff and have an issue which I cannot correct without causing havoc on my domain.

    I have a 2003 R2 domain for which the previous IT person had not set up DNS; he uses the DNS from the ISP on all the computers (which is a mega NO NO as I know it). Anyway, the issue is that now I need to add Windows 7 Prof clients to the domain and I am not having any luck.

    Running nslookup on the Windows 7 client produces the IP and name of the DNS of the ISP. I am able to ping the domain server from the Win 7 computer.

    The domain controller does not have DNS set up at all.
    There exist 6 VPNs set up by the ISP to remote offices which run a custom SQL program.

    As we all know, Win 7 relies on DNS for mappings and so on. How do I get to join this new Win 7 computer to the existing domain with the least amount of chaos now?

    FYI, a new Server 2008 domain controller will join the domain in under a month, and I was thinking of setting DNS services up on it and removing the ISP DNS from the clients, then replacing the DNS IP on the clients and then setting up a forwarder on the new server DNS to the ISP’s DNS.

    The issue is: NOW, what can I do to get this Win 7 computer joined to the domain?
    Two, if I do as I state above with the new server setting up DNS, will I affect the VPNs?

    Thanks in Advance for any help

All Answers

    • #2880482

      Clarifications

      by dorahoney ·

      In reply to How to join Win 7 to 2003 AD domain without DNS server

      Clarifications

    • #2880479

      Use the HOSTS file?

      by seanferd ·

      In reply to How to join Win 7 to 2003 AD domain without DNS server

      Otherwise, I’m not entirely sure about how the home networking aspect of 7 works, but you should be able to join the workgroup/“domain”.

      Note that your only problem here might not be the lack of a local DNS server. For example, http://support.microsoft.com/kb/926505

      I can’t believe you have a whole business network relying on NXDOMAIN responses from an ISP DNS server so that local resolution occurs. Insane! Especially since it is AD without DNS. It will be far better once you get a DNS server going.

      “Running nslookup on the windows 7 client produces the IP and name of the DNS of the ISP. I am able to ping the Domain server from the win 7 computer.”

      What are you looking up? If you look up your internal “domain name” or whatever it is, the ISP DNS server should return NXDOMAIN. Then WINS or NetBIOS or whatever would take over and resolve locally. (But you won’t see that via nslookup.)

      Order in which the above occurs: local resolver cache, hosts file, DNS, WINS, NetBIOS name cache, NetBIOS, lmhosts file.

      • #2880307

        Response To Answer

        by dorahoney ·

        In reply to Use the HOSTS file?

        The hosts file was the first thing I tried, but no change.

        I know that without DNS it is crazy, but I did not do it; I found it like that. The issue is now how to make the change with the least amount of downtime and problems. There are 6 VPNs to remote sites and I am afraid, as I don’t know what and how they are set up, that if I set up an internal DNS it will affect the VPNs. If that happens then I am screwed, because the remote sites will not be able to bill….

        I was thinking, once I get the new Server 2008 up and installed, to set it up as an internal DNS and have a forwarder in the DNS to the ISP DNS.

        Now a question here is: if I have a present domain as XXX.eu and I set up an internal DNS, should I set it up as local.XXX.eu and then have the forwarder in DNS point to the ISP’s, or should I use the XXX.eu on the internal DNS as well? Which would mean I would change the internal PCs to log on to local.XXX.eu. Is this correct or do I have it wrong?

        Thanks for your answers

    • #2880475

      Might help to turn on WINS

      by kenone ·

      In reply to How to join Win 7 to 2003 AD domain without DNS server

      Win 7 turns it off by default

    • #2880451

      well you can’t have Active Directory working without DNS

      by cg it ·

      In reply to How to join Win 7 to 2003 AD domain without DNS server

      No DNS zone for the domain = broken Active Directory

      Active Directory will not work without DNS services. Users can’t log on to the domain, access resources through the domain…so on and so forth…

      I’ve not heard of any ISP that will provide DNS services to businesses for their Active Directory domain…Unless the business has specifically contracted for “Cloud” services or NOC services.

      If that’s the case, it’s up to the Cloud provider or NOC to allow the workstation to join the domain. Typically, the Cloud provider or NOC will ship a preconfigured workstation.

      So try again…..

      • #2880310

        Response To Answer

        by dorahoney ·

        In reply to well you can’t have Active Directory working without DNS

        Active Directory has been working for 9 years with Windows XP computers being able to join the domain and share files and folders and scripts running.
        Now with Windows 7 Prof we have a problem: they can’t join the domain.

    • #2880294

      as I said, Active Directory can not function without DNS

      by cg it ·

      In reply to How to join Win 7 to 2003 AD domain without DNS server

      There has to be a DNS server for the domain zone. So, if your Active Directory is working, you have a DNS server for the domain zone.

      Here’s a Microsoft TechNet article on Active Directory and DNS and how the two are integrated and work together.

      http://technet.microsoft.com/en-us/library/cc759550(WS.10).aspx

      Now, here’s your hint of how to get Windows 7 to join a domain. Note: this information is available on Microsoft’s TechNet in a KB article if you care to simply look.

      “Windows 7 needs the DNS suffix as a ‘helper’.”

    • #2880252

      Agreed, DNS is a must for Active Directory

      by derek schauland ·

      In reply to How to join Win 7 to 2003 AD domain without DNS server

      The DNS role is installed with (or before) Active Directory. It has to be there somewhere, as others have mentioned. If you run an nslookup for your domain, Windows should return a local DNS server somewhere. Since you mention all Windows clients are using public DNS, log on to the domain controller (or a domain controller if more than one) and run a lookup, which should report which DNS servers are being used.

      Once you find the local DNS server, you can fix the clients on the local network and get them using your internal DNS. For external access, create a forwarder to the ISP DNS Servers.

      This will help make your environment more secure and get Windows 7 clients to join the domain more easily.

      • #2882126

        Response To Answer

        by dorahoney ·

        In reply to Agreed, DNS is a must for Active Directory

        OK, after running an nslookup on the DC it comes back with the ISP DNS.

        Maybe it would be better to go the following route:
        At the moment I have a domain qwert.eu with a DC – ABC.qwert.eu which, after running an nslookup, points to the ISP DNS. All clients have the ISP DNS (set up before my time).
        All XP computers are able to join the domain without a problem; however, Win 7 Prof cannot.

        I am thinking of doing the following: introduce a Windows 2008 server with DNS inside my domain. The domain will be changed to local.qwert.eu, so the new domain name for the existing DC will be ABC.local.qwert.eu, and it will point to the new 2008 server DNS, where I will set up a forwarder to the ISP DNS.

        Present setup new setup

        Domain qwert.eu Domain local.qwert.eu
        DNS is ISP DNS introduce 2008 server with DNS
        2003 DC name ABC (ABC.qwert.eu) new name for 2003 DC will be
        ABC.local.qwert.eu
        All clients point to ISP DNS all clients now point to the new 2008
        server which has a forwarder to
        the ISP DNS
        Would the above setup be a good solution with the least amount of downtime?

      • #2882125

        Response To Answer

        by dorahoney ·

        In reply to Agreed, DNS is a must for Active Directory

        Sorry the things got joined

        Present setup ——— new setup

        Domain qwert.eu ——— Domain local.qwert.eu
        DNS is ISP DNS ——— introduce 2008 server with DNS
        2003 DC name ABC (ABC.qwert.eu) ——— new name for 2003 DC will be ABC.local.qwert.eu
        All clients point to ISP DNS ——— all clients now point to the new 2008 server which has a forwarder to the ISP DNS
        Would the above setup be a good solution with the least amount of downtime?

    • #2882123

      if this is your domain name [qwert.eu ] for your internal network add that

      by cg it ·

      In reply to How to join Win 7 to 2003 AD domain without DNS server

      as the DNS suffix [as a helper (append DNS suffix)] in the TCP/IP advanced DNS properties of the network card.

      If in fact the ISP hosts your DNS server and thus provides name resolution for your internal company domain, it should direct the DNS query for the IP address of your domain controller to your internal company domain controller, thus allowing authentication and joining the workstation to the domain.

      If your ISP does not provide name resolution services for your internal company domain, then you have to find out what DNS server does. DNS simply is name resolution to IP address. When trying to join a domain, you use the domain name. If there is no DNS server which can say domain.com = IP address [of domain controller], then the query will always fail because the workstation cannot find the domain controller.
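
Added example (not part of the thread and not any poster's code): a PowerShell check, runnable on a Windows 7 client, of whether a given DNS server answers the SRV lookups used to find a domain controller for the domain. The domain qwert.eu is the name used in the thread; the server address 192.0.2.53 is a placeholder, and the function name Test-SrvRecord is hypothetical.

```powershell
# Added example: ask one DNS server for the SRV records a client looks up
# to locate a domain controller, and report which ones are missing.
param(
    [string]$Domain    = 'qwert.eu',    # domain name used in the thread
    [string]$DnsServer = '192.0.2.53'   # placeholder: DNS server configured on the client
)

# SRV names a domain controller's Netlogon service registers in DNS.
$names = @(
    "_ldap._tcp.dc._msdcs.$Domain",     # any domain controller
    "_ldap._tcp.pdc._msdcs.$Domain",    # PDC emulator
    "_kerberos._tcp.$Domain",           # Kerberos KDC
    "_ldap._tcp.$Domain"                # LDAP service
)

function Test-SrvRecord {
    param([string]$Name, [string]$Server)
    # nslookup ships with Windows 7; Resolve-DnsName does not.
    $output = & nslookup.exe -type=SRV $Name $Server 2>&1 | Out-String
    # nslookup prints one "svr hostname = <host>" line per SRV answer.
    $targets = [regex]::Matches($output, 'svr hostname\s*=\s*(\S+)') |
        ForEach-Object { $_.Groups[1].Value }
    New-Object PSObject -Property @{
        Name    = $Name
        Found   = [bool]$targets
        Targets = ($targets -join ', ')
    }
}

$results = $names | ForEach-Object { Test-SrvRecord -Name $_ -Server $DnsServer }
$results | Format-Table Name, Found, Targets -AutoSize

# Any missing record means this server cannot direct the client to a DC.
if ($results | Where-Object { -not $_.Found }) {
    Write-Warning "$DnsServer does not publish all DC locator records for $Domain."
}
```

Run it once against the ISP resolver and once against the internal DNS server to compare what each one returns for the domain.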

    • #2439813

      Joining Domain without DNS info in Workstation

      by rdzaman ·

      In reply to How to join Win 7 to 2003 AD domain without DNS server

      As far as I know, to join a domain you need to give a DNS address in the workstation to point to the domain. I have seen other companies install XP images on the PCs and join the domain without any DNS information on the workstation.

      Right now, where I am working, I need to implement the same procedure. I would appreciate it if anyone could give me some guidance to help me out of this situation.