DMZ, No DNS, How to find DP?

Hi All

I'm doing some testing with installing clients onto our DMZ servers...

All worked well, until the machine could not resolve the DP name. We have no DNS, so does this mean that I need to add the DP details to my hosts file? I tried it with one DP and it worked. We have over 100 DPs and I'd rather not have to add 100 entries into the hosts file?

I've already added my MP details into hosts and lmhosts but never seen any mention of doing it with DPs...

Thanks

July 29th, 2015 5:52am

Peter

It sounds messy but you can centralise lmhosts and configure servers to use it.

https://technet.microsoft.com/en-gb/library/cc977601.aspx

July 29th, 2015 6:00am

lmhosts is not used when it comes to DNS.
July 29th, 2015 6:31am

True, as lmhosts deals with NetBIOS names and therefore you won't be able to deal with FQDN.
July 29th, 2015 6:41am

Soooo?

Is the answer that we DO need something to allow the client to resolve the DP address?

I'm thinking that an easy fix is to install the DP role on my Primary/MP boxes... that way it will already have the records it needs...

July 29th, 2015 7:00am

That's a possibility, Peter.
July 29th, 2015 7:02am

So you don't have any name resolution in the DMZ at all?
July 29th, 2015 7:50am

Nope.

Nothing. No domain machines. All workgroup. No DNS resolution at all!

It's a proper DMZ, ha!

July 29th, 2015 9:16am

DNS has nothing to do with AD domains. AD certainly relies on DNS, but lack of an AD domain in no way implies no DNS as the two are completely unrelated.

Also, DMZ in no way implies no DNS either.

How are these systems accessed? Always by IP Address?

If that's true, your only option is to modify the hosts files. That truly makes no sense though, as that's the whole point of using DNS: manually maintaining hosts files on systems is painful at best.

July 29th, 2015 9:21am
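
Where hosts files are the only resolver, as discussed in the reply above, one way to keep a long list of DP entries manageable is to rewrite a single marked block and validate every row before it reaches the file. This is an added example, not code from the thread; the function name, marker comments, sample FQDNs and addresses are assumptions.

```powershell
# Added example: function name, markers, names and addresses are constructed placeholders.
function Update-DpHostsBlock {
    param(
        [Parameter(Mandatory)] [string]   $HostsPath,
        [Parameter(Mandatory)] [object[]] $Entries    # objects with IP and Fqdn properties
    )
    $begin = '# BEGIN managed DP entries'
    $end   = '# END managed DP entries'
    $fqdnPattern = '^(?=.{1,253}$)([A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)+[A-Za-z]{2,}$'

    # Validate every row before touching the file, so a malformed or
    # tampered source list cannot become an arbitrary hosts line.
    $lines = foreach ($e in $Entries) {
        $ip = $null
        if (-not [System.Net.IPAddress]::TryParse($e.IP, [ref]$ip)) {
            throw "Invalid IP address: $($e.IP)"
        }
        if ($e.Fqdn -notmatch $fqdnPattern) {
            throw "Invalid FQDN: $($e.Fqdn)"
        }
        '{0}    {1}' -f $ip, $e.Fqdn.ToLowerInvariant()
    }

    # Keep everything outside the managed block; drop the previous block if present.
    $keep = New-Object System.Collections.Generic.List[string]
    $inBlock = $false
    foreach ($l in @(Get-Content -LiteralPath $HostsPath)) {
        if ($l -eq $begin) { $inBlock = $true;  continue }
        if ($l -eq $end)   { $inBlock = $false; continue }
        if (-not $inBlock) { $keep.Add($l) }
    }
    $new = @($keep) + $begin + @($lines | Sort-Object -Unique) + $end
    Set-Content -LiteralPath $HostsPath -Value $new -Encoding ASCII
}

# Constructed sample list (documentation address range, example.com names).
$csv = @'
IP,Fqdn
192.0.2.10,dp01.corp.example.com
192.0.2.11,dp02.corp.example.com
'@

# Work on a copy first; review the result before replacing the live file.
$test = Join-Path $env:TEMP 'hosts.test'
Copy-Item "$env:SystemRoot\System32\drivers\etc\hosts" $test -Force
Update-DpHostsBlock -HostsPath $test -Entries ($csv | ConvertFrom-Csv)
Get-Content $test
```

Because only the lines between the two markers are rewritten, rerunning it is idempotent and any hosts entry outside the block stands out during review.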

Jason,

I've worked in an environment where the DMZ had no DNS. It was all IP based access and was painful for sure. Good luck hacking, Peter.

July 29th, 2015 10:11am

Yep, totally agree with everything here.

It's just something I have to work with... it's not my DMZ, just something I need to manage... and patch!

I've enabled the switch on the update deployments to allow to pick up the patches from the internet... will find out over the weekend if this has worked.

July 29th, 2015 10:35am

This topic is archived. No further replies will be accepted.
