> On Apr 30, 10:03 am, "Ther Richardson"
> <trichard...[ at ]vfwnationalhome.org> wrote:
>> In addition,
>> Server1 on the new domain Campus has the following settings and a problem
>> I
>> may not have mentioned.
>> tcp/ip
>> IP 192.168.1.11
>> SNM 255.255.255.0
>> DGW 192.168.1.1
>>
>> DNS
>> 192.168.1.199 Admin2 (server in the Admin Domain)
>> 192.168.1.11 Itself
>> Append primary and connection specific dns suffixes with append parent
>> suffixes of the primary DNS suffix checked
>> register this connection's address in DNS is checked also
>>
>> WINS
>> 192.168.1.198 Admin1 Server in Admin Domain
>> 192.168.1.11 Itself
>>
>> And the problem is that it cannot see itself while browsing the network,
>> nor
>> can other computers see it.
>>
>> "Herb Martin" <n...[ at ]learnquick.com> wrote in message
>>
>> news:OeKTFNQiHHA.3452[ at ]TK2MSFTNGP04.phx.gbl...
>>
>>
>>
>>
>>
>> > "Ther Richardson" <trichard...[ at ]vfwnationalhome.org> wrote in message
>> >news:1334b4tf6v247af[ at ]corp.supernews.com...
>> >> OK lets take it from near the top.
>>
>> >>>>I have a Win 2003 Native domain, for example we will call it
>> >>>> building.org. I am setting up a second domain in the forest that
>> >>>> will
>> >>>> otherbuilding.org.
>> >> You replied
>>
>> >>> Why are two "buildings" different domains?
>>
>> >> We are not actually talking about two buildings, we are talking about
>> >> a
>> >> 650 acre campus with 80 buildings and I was trying to simplify it.
>> >> Building.org refers to my domain. It hosts my staff and all our
>> >> computers, our exchange server, file servers, database servers, and
>> >> printers. DNS has been running with no errors or warnings for months
>> >> and
>> >> all seemed well.
>>
>> >> Other building refers to the residence buildings on campus which are
>> >> about to get their own high speed network. My original design and
>> >> desire
>> >> (based on the orders of the directors) is that the two should never
>> >> meet.
>> >> Residents should never even SEE the admin domain. Along comes Cisco
>> >> and
>> >> says "OK NP we will put in this router & these T1's, add a few
>> >> strategic
>> >> VLANS and they won't see each other.
>>
>> > SEE? Usully that means "see in the browser or network neighborhood"
>> > and
>> > domains are NOT boundaries for such.
>>
>> > See as in "use resources" can be controlled (allowed or denied) whether
>> > it
>> > is in the same domain or different domain (of the forest.)
>>
>> > Two domains are not giving you or required for your goal either way.
>>
>> > Even "See" as in Ping or route to -- that's going to be pretty much
>> > a requirement in a SINGLE FOREST so this isn't being helped either.
>>
>> >> I am OK with this because Cisco has been doing this for a while and i
>> >> am
>> >> willing to take them at face value
>>
>> >>>> In building.org I have 2 Win 2003 servers running DNS all set up (by
>> >>>> me, several years ago, and now I don't remember much about it)
>> >>>> should
>> >>>> the new domain ortherbuilding.org have its own DNS server?
>>
>> >>> Not a requirement but typically that is the practice and usually
>> >>> best.
>>
>> >> That's what I thought
>>
>> >>> (The question actually uncovers a misconception that even experts
>> >>> assume
>> >>> much of the time. The DNS server for a domain doesn't actually have
>> >>> to
>> >>> be "in that domain" just able to resolve the names, but it is common
>> >>> for
>> >>> it
>> >>> to be in that domain. Also, a DNS server might have zones from MANY
>> >>> domains.)
>>
>> >>> Ultimately, you need building.or and otherbuilding.org ZONES to be
>> >>> resolvable by ALL DNS clients (thus by all DNS Servers) "in the
>> >>> forest".
>>
>> >>>> At some point very soon Cisco will be putting in place VLANs to
>> >>>> keep
>> >>>> residents from the domain ortherbuilding.org from seeing computers
>> >>>> servers printers etc. on building.org. the three servers in
>> >>>> question
>> >>>> are
>>
>> >>> Then you will definitely need SOME way to resolve the zone for the
>> >>> domain.
>>
>> >> OK, again what I thought. So here is where I stand
>> >> To clarify further, lets call the domains admin and campus. After
>> >> ADPrep
>> >> /forestprep and /domainprep I added the new campus domain to the
>> >> forest
>> >> containing the old domain giving me two domains in the one forest.
>> >> The
>> >> new domain, campus.org currently has two servers in it (server1 and
>> >> Server2(I know its original)). Yesterday, I was able to add 7 PC lab
>> >> computers to this domain, One test PC that will go into a house, and
>> >> the
>> >> second server.
>>
>> >> Then all of a sudden everything says that there is no network path.
>> >> If I
>> >> browse from from any computer on the campus domain I see every box
>> >> except
>> >> server1. NSLookup shows the server as default server with the correct
>> >> address.
>> >> I am kind of stuck at that point. and am floundering. any thoughts
>>
>> > Browsing is based on NetBIOS which required WINS Server to work across
>> > subnets (i.e., across Broadcast domains.)
>>
>> > You need WINS Server and every machine a WINS client (esp. DCs) to
>> > browse
>> > across multiple subnets.
>>
>> > If the PDC-Emulators from the two domains find each other then you
>> > will be able to browse both Domains (not necessarily use resource but
>> > browse.) Browsing requires NO trusts NOR permissions.
>>
>> > --
>> > Herb Martin, MCSE, MVP
>> >
http://www.LearnQuick.Com>> > (phone on web site)- Hide quoted text -
>>
>> - Show quoted text -
>
> I can't find it but earlier this year I was tracking down a problem
> where people weren't able to "see" different files and folders. Upon
> investigating this I found that in Server 2003 their is a way to set
> it up so that instead of the default where people could browse and
> "see" files that they did not have access to it would hide them. So
> say I have a folder of 5 files. The user can browse into the folder
> but they only have the proper permissions to interact with 1 of
> those. To the user it will look like their is 1 file. If I can think
> of the name of it I'll post it. You might want to consider that when
> everything settles as an extra layer. I know that doesn't help with
> your immediate question though. (I also figured I might jog someone
> elses memory on that one.)
>