October 9th, 2012, 11:17 PM
Wrong Forest Level Chosen
I am troubleshooting a network (that I didn't set up). Two servers, one 2003 and the other 2008. The 2008 server is the DNS/Active Directory server. I can add computers to the domain, including the 2003 server. When on a client computer, logged in as administrator, I can remote into the 2008 server; however, the 2008 server cannot ping the laptop. I cannot ping the 2003 server, nor remote in. I cannot ping from the 2003 server out to the laptop. Both servers have Internet access and can ping the firewall. All cables test fine. Would choosing the wrong Forest Level when setting up DNS cause these issues? I'm not sure what forest level they chose, but one can ponder that they might have chosen 2008 instead of 2003. I realize domain controllers from 2003 server would not work, but would this cause one not to be able to remote in?
October 13th, 2012, 04:41 PM
If the domain environment is set to a functional level of server 2008, then you will be able to join the 2003 server to the domain, but the 2003 server can't act as a domain controller. If the functional level is set to 2003, then both servers can act as domain controllers.
This sounds like whatever is handling DHCP is assigning everyone DNS server information for public DNS servers, and not utilizing internal DNS servers that are aware of the AD schema. For instance, you can tell all the PCs in your domain to utilize Google's DNS servers. Everything will be able to get to the internet just fine, but Google's DNS servers obviously don't know about your AD schema. Thus, nothing in your organization can resolve any device by its FQDN.
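The theory in the reply above can be checked by asking each DNS server the clients were handed for the domain controller locator SRV record (`_ldap._tcp.dc._msdcs.<domain>`), which only a DNS server that serves the AD zone will answer. This is an added example, not part of the original thread; the server addresses and the domain name `corp.example` are constructed placeholders.

```python
import socket
import struct

SRV = 33  # DNS record type for service location records

def build_srv_query(domain, txid=0x1234):
    """Build a DNS query for the AD domain-controller locator SRV record."""
    name = "_ldap._tcp.dc._msdcs." + domain.rstrip(".")
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", SRV, 1)  # class IN

def parse_reply(reply, txid=0x1234):
    """Return (rcode, answer_count) from a DNS reply header."""
    if len(reply) < 12:
        raise ValueError("truncated DNS reply")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", reply[:12])
    if rid != txid or not flags & 0x8000:  # wrong ID, or QR bit not set
        raise ValueError("not a reply to our query")
    return flags & 0x000F, ancount

def classify(rcode, ancount):
    """Map a reply to a verdict about the DNS server that sent it."""
    if rcode == 0 and ancount > 0:
        return "AD-aware"
    if rcode == 3:  # NXDOMAIN
        return "no such name (server does not know this AD domain)"
    return "inconclusive (rcode=%d, answers=%d)" % (rcode, ancount)

def probe(server, domain, timeout=3.0):
    """Send the query to one DNS server over UDP and classify the reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_srv_query(domain), (server, 53))
            reply, _ = s.recvfrom(4096)
            return classify(*parse_reply(reply))
        except (OSError, ValueError) as exc:  # timeout, unreachable, bad reply
            return "no usable reply (%s)" % exc

if __name__ == "__main__":
    # Constructed values: replace with the DNS servers the clients received
    # from DHCP and with the real AD domain name.
    for server in ("192.0.2.10", "8.8.8.8"):
        print(server, "->", probe(server, "corp.example"))
```

Run it against every address listed under "DNS Servers" in a client's `ipconfig /all` output; any server that does not come back as "AD-aware" should not be handed out to domain members.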