DNS,PDC,password change doesnt work
Scherff CWO3 John M
ScherffJM at pendleton.usmc.mil
Mon Aug 12 21:44:57 UTC 2002
To drop WINS entirely from a routed IP network with non-Windows 2000
clients, your only choice is to use LMHOSTS. True, NetBIOS name resolution
can use DNS (follows this order: NetBIOS name cache, WINS, broadcast,
LMHOSTS, HOSTS, DNS); however, this will not work when searching for a
domain controller (which is the only place passwords can be changed),
because this requires a domain group (service type '1C') NetBIOS name entry,
versus a simple unique entry.

The users on the subnet with the PDC are able to find it by broadcast. The
users on the other subnet attempt to broadcast (when WINS is not an option),
but those broadcasts are blocked by the router. Optionally, you can allow
these and other particular types of broadcasts to pass through the router,
but that's not the best choice.

Stick with WINS.
(I assumed, above, that you have non-Win2K clients, because you're using NT
4.0 DNS... for that reason, you also can't be running AD because NT 4.0 DNS
does not support SRV records)
Another alternative: use 'include' statements in your LMHOSTS file.

E.g., on each computer, in \winnt\system32\drivers\etc, place an LMHOSTS
file with the following entries:

10.0.0.1 MYSERVER #PRE
#INCLUDE \\MYSERVER\MYSHARE\LMHOSTS

On 'MYSERVER', in a directory shared as 'MYSHARE', place an LMHOSTS file
with the following entries:

10.0.0.2 MYPDC #PRE #DOM:MYDOMAIN
10.0.0.2 "MYPDC          \0x1b" #PRE #DOM:MYDOMAIN
          ^--15 chars---^
Now, each computer will pull their LMHOSTS entries from the share on
MYSERVER. If you need to change something in the LMHOSTS, you change it in
only one place (on MYSERVER) instead of on each computer. The clients will
find the PDC and the segment master browsers will find the domain master
browser.

I consider this a backwoods method of doing things. You should just stick
with WINS until you upgrade to AD and all your clients are Win2K or above.

R/ John Scherff
-----Original Message-----
From: Berger Harald [mailto:hotline at harryworld.dyndns.org]
Sent: Monday, August 12, 2002 5:45 AM
To: comp-protocols-dns-bind at isc.org
Subject: OT: DNS,PDC,password change doesnt work
Hi,
I'm a little bit OT, but I hope you can help me.
In our company we have decided to kill our WINS and use DNS.
The DNS servers work pretty good (9.2.1). There are two
locations, connected with Cisco routers (2MBit).
In the 1. location, where the NT 4.0 Primary domain controller
is, users can change their password (nt4-workstation).
In the second location there is only a BDC, and the users
are unable to change their password.
Looking on the web, I found that you must have a WINS server
or you have to put some entries in the clients' lmhost-file.
Is there a trick to do something in the DNS server so that the clients
will know where the PDC is? The funny thing is that a ping to the
PDC works fine.
Thanks for help and excuse me again for being OT....
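
A lint for the LMHOSTS layout described in the reply above, added here as an example (not code from either poster): it checks that a quoted special name has exactly 15 characters before the \0xNN type byte, and that the server named in an #INCLUDE line has an earlier #PRE mapping, as the client file in the reply does. The function name and the sample lines are constructed for illustration.

```python
import re

# Constructed sample input, modelled on the two files in the reply above.
CLIENT = r'''
10.0.0.1 MYSERVER #PRE
#INCLUDE \\MYSERVER\MYSHARE\LMHOSTS
'''
SHARED = "\n".join([
    '10.0.0.2 MYPDC #PRE #DOM:MYDOMAIN',
    '10.0.0.2 "' + 'MYPDC'.ljust(15) + r'\0x1b" #PRE #DOM:MYDOMAIN',
    r'10.0.0.2 "MYPDC \0x1b" #PRE #DOM:MYDOMAIN',  # padding lost in transit
])

ENTRY = re.compile(r'^(\d{1,3}(?:\.\d{1,3}){3})\s+("[^"]*"|\S+)\s*(.*)$')
SPECIAL = re.compile(r'^"(.*)\\0x([0-9A-Fa-f]{2})"$')

def lint_lmhosts(text):
    """Return a list of (line_number, message) findings for one LMHOSTS file."""
    findings, preloaded = [], set()
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line.upper().startswith('#INCLUDE'):
            parts = line.split(None, 1)
            target = parts[1] if len(parts) > 1 else ''
            server = target.lstrip('\\').split('\\')[0].upper()
            if server not in preloaded:
                findings.append((n, f'#INCLUDE server {server!r} has no earlier #PRE mapping'))
            continue
        if not line or line.startswith('#'):
            continue  # blank line, comment or other directive
        m = ENTRY.match(line)
        if not m:
            findings.append((n, 'not an "address name [keywords]" entry'))
            continue
        name, keywords = m.group(2), m.group(3).upper().split()
        special = SPECIAL.match(name)
        if special:
            # 16-byte NetBIOS name: 15 characters of name plus one type byte.
            if len(special.group(1)) != 15:
                findings.append((n, f'name before \\0x{special.group(2)} is '
                                    f'{len(special.group(1))} chars, must be padded to 15'))
        elif '#PRE' in keywords:
            preloaded.add(name.strip('"').upper())
    return findings

if __name__ == '__main__':
    for n, msg in lint_lmhosts(SHARED):
        print(f'shared line {n}: {msg}')
```

Run against the shared file before publishing it to the share, since every client that includes it inherits a mis-padded entry.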