Originally posted by exx1976:
quote:
Originally posted by JohnDFW:
Thanks to everyone for your comments and suggestions.
What I am needing to do was set up and functional not long ago. The domain crashed and had to be rebuilt. I inherited the original, pre-crash environment and do not know how the configuration was accomplished. Allow me to further explain what I am attempting to do.
The domain controller, which I have been calling the AD server, performs all the functions: user account management, machine account management, DNS, etc. DHCP is set up but I assign all IPs to servers and workstations. Yes, there is a backup controller as well.
Let’s say the domain name is acme.dev.com. I am needing all the servers to use an IP from the …10.x/24 range and all the workstations will be given IPs from the …20.x/24 range. But all will be members of the same domain.
In the previous configuration the NICs would list the primary and secondary controller as the DNS servers, but the default gateway would be dependent on which IP range the IP was assigned from.
This is all part of a VMware environment and all the networking has been configured to add this secondary IP range as a new VLAN in the ESXi environment. At this point I just need to get the controllers configured.
I hope this explanation helped clarify what I’m needing to do.
What does "I assign all IPs" mean? Do you mean you configure reservations, or you are actually configuring static IPs on the workstations?
Setting aside the fact that you say this "crashed" and you inherited the original "pre-crash environment", and also making the assumption that it was put back together correctly by a competent engineer who was aware of the dangers of USN rollback, I am still at a loss as to what you're trying to do and what, exactly, isn't working.
So, let's take a step back. Rather than you trying to tell us what it is you need our help with configuring, why don't you tell us what is working vs what is not working?
I'm starting to get the impression that the 20.0/24 network is a net-new network to the environment. Simply configuring a new port group in vSphere is not sufficient for that network to communicate with existing networks. You need to define the VLAN on the upstream switches, make sure that VLAN is allowed, and tagged, on the uplinks to the vSphere servers (assuming you are using trunk ports and not a pile of access ports), and then you need to make sure the new network has an SVI and is listed in the routing table of the switches.
Quite literally, there is *nothing* that *needs* to be done to a Windows DC in order for it to service an additional address space. Nothing. The addition of a reverse lookup zone is something that is normally viewed as "best practice", but is by no means a requirement. I've seen many, many environments without reverse lookup zones that function just fine. I mean, *I* would recommend configuring one, but the lack of one is not going to cause you any immediate problems.
Keeping workstations on a different network than servers is also a good practice as it breaks up your broadcast domains.
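
Added example, not part of any post in this thread: a small Python check of the static settings discussed above, confirming that each host's default gateway is on its own /24 and listing which DNS servers (the DCs) it can only reach through that gateway, which is where the VLAN, SVI and routing work comes in. All addresses and host names are constructed placeholders, since the thread elides the real prefixes.

```python
import ipaddress

# Constructed sample values (assumptions); the thread does not give real prefixes.
DNS_SERVERS = ["172.16.10.5", "172.16.10.6"]      # primary and backup DC
HOSTS = [
    ("srv01", "172.16.10.21/24", "172.16.10.1"),  # server range
    ("ws01",  "172.16.20.31/24", "172.16.20.1"),  # workstation range
    ("ws02",  "172.16.20.32/24", "172.16.10.1"),  # gateway copied from server range
]

def check_host(cidr, gateway, dns_servers):
    """Validate one host's static config; return errors and routed DNS servers."""
    iface = ipaddress.ip_interface(cidr)
    net = iface.network
    gw = ipaddress.ip_address(gateway)
    errors = []
    if gw not in net:
        # A gateway outside the host's own subnet can never be reached.
        errors.append(f"gateway {gw} is not on-link for {net}")
    elif gw in (iface.ip, net.network_address, net.broadcast_address):
        errors.append(f"gateway {gw} is not a usable router address")
    # DNS servers outside the local subnet are reachable only through the
    # gateway, i.e. only if the new VLAN is actually routed upstream.
    routed = [d for d in dns_servers if ipaddress.ip_address(d) not in net]
    return {"errors": errors, "routed_dns": routed}

def report(hosts=HOSTS, dns_servers=DNS_SERVERS):
    """Build one line per finding across all hosts."""
    lines = []
    for name, cidr, gw in hosts:
        result = check_host(cidr, gw, dns_servers)
        for err in result["errors"]:
            lines.append(f"{name}: ERROR {err}")
        if result["routed_dns"]:
            lines.append(f"{name}: DNS {', '.join(result['routed_dns'])} "
                         f"reached via {gw}; depends on inter-VLAN routing")
    return lines

if __name__ == "__main__":
    print("\n".join(report()) or "no findings")
```

A workstation whose only finding is the routed-DNS line has correct local settings; if it still cannot resolve names, the place to look is the switch and routing configuration rather than the DC.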