Question

  Asked: May 31 2008   12:03 AM GMT
  Asked by: Stufyfe


Hosted server Windows 2003, DNS / Active Directory problem


DNS, Hosted services, Active Directory, Windows Server 2003, IP addressing

Hi,

I have purchased 2 hosted servers, both with public IP addresses. Currently the network card IP address is the assigned public address, and the 2 DNS addresses are those of the hosting company.

What I'm trying to do on the servers is as follows:

Server 1 will have AD as the main forest tree etc., DNS, and communicate with server 2.
Server 2 will run MS SQL 2007 enterprise

Once this is working correctly, I shall install MOS07 on server1 along with CA for SSL communication on SharePoint portal, as well as host headers for different app pools.
I have registered mycompany.com and pointed it to the Server1 IP; the default IIS page is working fine. I have also registered db.mycompany.com and pointed this to the IP of Server 2; again the default IIS page is fine.

Issue one: the hosted servers are on the same subnet and gateway address but cannot ping each other when pinging from the server. If I ping both public IPs from an external network I get a reply from both.

Now the issue is DNS, I expect...
I promoted server 1 and gave it the forest name of mycompany.com; once I do this I cannot communicate with server2.
Before I demote this server and check internal communication, I was hoping someone could offer some assistance.
Note: in the dcpromo wizard I let the wizard configure DNS during the upgrade.
Checking the DNS configuration, root hints have been added and forwarders have been configured automatically to use the hosting server's DNS IP.

Any assistance appreciated.

Stu


Answer Wiki



The first thing you will want to do is to remove the Active Directory domain mycompany.com and reconfigure AD to use a different domain name. Your AD domain name should be different than your public domain name so that these kinds of DNS issues don't come up. Using an Active Directory name like mycompany.local will work just fine.

Second, you should configure your servers to use private IPs and have the firewall use NAT to expose the servers to the Internet. You don't want your servers just sitting on the Internet. Having them on the Internet will guarantee that they will be broken into.

Once these things have been done, set up the database server's DNS server to point to server 1's private IP address. Then you can add server 2 to the AD domain. Unless you plan on hosting a web site on the database server, you don't need to set up NAT for it at all. All public communication should go to server1, with that machine being the only one which talks to server2.
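
The DNS change and domain join from the last step of the answer, as an added example to run at a command prompt on server 2 (not part of the original answer). The private address 10.0.0.10 for server 1, the connection name "Local Area Connection" and the Administrator account are assumptions, and netdom.exe is assumed to be installed from the Windows Server 2003 Support Tools.

```bat
@echo off
rem Added example, not from the original answer.
rem Assumed values: adjust to the private addressing the firewall/NAT actually uses.
set DC_IP=10.0.0.10
set AD_DOMAIN=mycompany.local
set NIC=Local Area Connection

rem Point server 2's DNS client at the domain controller only. Server 1 forwards
rem Internet lookups to the hosting company's DNS; listing those resolvers here
rem too would let server 2 ask a server that does not hold the AD zone.
netsh interface ip set dns name="%NIC%" source=static addr=%DC_IP% register=primary
ipconfig /flushdns

rem Confirm the AD locator records resolve before attempting the join.
rem nslookup's exit code is not reliable, so match on the SRV answer text.
nslookup -type=SRV _ldap._tcp.dc._msdcs.%AD_DOMAIN% %DC_IP% 2>&1 | find /i "svr hostname" >nul
if errorlevel 1 (
    echo No domain controller SRV record for %AD_DOMAIN% found via %DC_IP%.
    echo Check the DNS zone on server 1 and that DNS traffic is allowed between the hosts.
    exit /b 1
)

rem Join the domain; /passwordd:* prompts so the password is not stored in the script.
netdom join %COMPUTERNAME% /domain:%AD_DOMAIN% /userd:%AD_DOMAIN%\Administrator /passwordd:*
if errorlevel 1 exit /b 1

echo Joined %AD_DOMAIN%. Reboot to complete the domain join.
```

If the SRV check fails, the join would fail for the same reason, so fix name resolution to server 1 first.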