Hi I'm new to this forum and in a bit of a rush so sorry if this is posted in the wrong section. I have just started a new full time network administration job and the first order of business is to update the primary (and only) DNS, DHCP server, Its currently running Debian and they want me to change the OS to Widows Server 2003. Because I am new to all of this and not really trained as a Network Administrator I have built a small testing network using VMware, now to the problem. I have setup the DNS and DHCP we aren't using Active directory every one belongs to a common work group. I have tried to configure Dynamic DNS, can any one tell me how unsecured this is? The switch over works fine for my fake Debian boxes the user notices no changes, the windows XP users (haven't looked at other version on windows yet) have problems. They don't have the Primary DNS suffix added automatically. So in the reverse lookup table I get 192.168.1.2 Pointer (PTR) winserver2003.test.com 192.168.1.50 Pointer (PTR) xp. 192.168.1.51 Pointer (PTR) xp2.test.com 192.168.1.52 Pointer (PTR) ub.test.com xp2 works because I manually added test.com in the "Primary DNS suffix for this computer:" via Control Panel > System > Computer Name > Change > More. In the forward look up zones I have ub Host (A) 192.168.1.52 winserver2003 Host (A) 192.168.1.2 xp2 Host (A) 192.168.1.51 The record for "xp" does not appear at all. The old system was/is running WINS I could do that but a couple of article's I read said Dynamic DNS is meant to be the replacement. Also security is a bit of an issue, my final solution needs to be as secure as possible while being transparent to users. Is there a way I could setup active directory without any changes on the client machines.

Dynamic DNS is for people who don't have a static IP and need to access their network externally (see DynDNS, NoIP etc). DNS (with Dynamic Updates) is for name resolution, so I think this is what you are talking about rather than Dynamic DNS. "They don't have the Primary DNS suffix added automatically" That is perfectly true, a server cannot change the name of a PC simply because it's in the same workgroup, is that what you were expecting? You basically have 2 options: continue the way you are going and create each record manually, or promote your server and make it a Domain Controller, then join your PC's to the domain. In a domain environment DNS will be updated automatically (dynamically). I would start by doing some reading on the Microsoft website, pretty much everything you need help on is on there (appart from the Debian stuff ofcourse!). As a Network Admins with no experience or training you need to get used to consulting MS as a valueable resource if you want to keep your job! Wizard ICT. Microsoft Certified Professional

Hi, Thanks for the reply. Your are right I was talking about dynamically updating DNS not Dynamic DNS. Thats why I was having so much trouble finding good tutorials I was looking in the wrong place. I do want the clients to be provided with there primary DNS suffix depending on which work group they are in (I only have one work group). I have managed a dirty hack but I don't know how insecure it is and I would like to tidy it up. As I said the Ubuntu (and other non-MS OS) clients are added into the DNS records when they register with the DHCP server. There is an option in the DHCP server that says "Dynamically update DNS A and PTR records for DHCP clients that do not request updates" I am not entirely sure if the DHCP server is adding the correct primary DNS suffix or if the Linux clients default to there workgroup. Can anyway clear this up? For the XP clients I am using WINS and there is an option in the DNS server that says if you can't find a client lookup WINS and then add the desired DNS suffix afterwards. So this works fine except the windows XP clients still try and register with the DNS server. Because they don't seem to use the desired domain in there FQDN there is no record in the forward lookup zone and in the reverse lookup zone I get the following entry 192.168.1.50 Pointer (PTR) xp. These entries are a bit annoying because if you nslookup 192.168.1.50 you get xp. rather than xp.test.com if you delete this PTR record you get the desired xp.test.com because the DNS server checks with WINS then adds the test.com part. I am not sure if this will course any applications to fail, I doubt it but it's still annoying. Unfortunately I cannot added the clients to a domain because I am not permitted to make changes to the clients, you can't do this without changes to the network clients can you? Manually adding the records would be problematic as computers join and leave the network quite often.