MonitorWare Knowledge Base

I have a problem. Several actually, but my research is leading me to believe that it's all related to one cause.

First, the setup.

1 Windows 2000 Advanced Server with Active Directory. This machine is the primary, and currently only domain controller on the network.

Many Windows 2000 client computers.
2 or 3 Windows XP Pro SP1 client computers.


Error, Problems, and Issues:

1.
One day, we decided that we wanted an application server on our network, but we didn't want it running on our primary server. What we planned to do was setup a box to run another copy of adv. server and run terminal server.

We installed adv. server. And when we installed terminal services we found that we had to install terminal licensing... no problem.
Terminal licensing requires either the machine to be on a workgroup or a domain controller.

Workgroup will not work, so we will make it an additional domain controller... which requires active directory. No problem, we will just install AD.

AD installation fails because when it comes time to connect to the domain, it's can't find it.

TONS of research and attempts later, it looks as if the DNS settings on the primary server are missing the SVR keys under DNS. However, I am not sure and everything appears to be correct. I don't know anything about DNS... eventually, we give up on Adv. Server.

2.
Windows XP. We installed windows xp on a couple of clients (connecting to the same server as above).

The adding to the domain is easy and works no problem, however, when we go to add users (amoung other things) is when problems starts.

We click the browse button to list the network users and we get an error saying no domains are available.... but we are on the domain.

And if we enter the user name and domain manually, we get "The trust relationship between this workstation and the primary domain failed. "

According to the MS knowledge base, we are to remove the client from the domain, add to a workgroup and re-add.

Doesn't work.

Also, no other domains or locations appear in any dialog box that can list the priamary domain (it only shows the local machine location)

However, we have full network access (meaning, we can see all the machines and shares on the network, and open them - as it should be)

Can an improperly configured DNS setup on the server cause a trust error too?



!Help!

How do I configure/re-configure DNS / DHCP on our main server without crippling it? (mainly, zero down time would be good, short of a reboot)
Is DNS the acutal problem?
Is there anything else that can cause this, if so... how can I fix it.

Any and all help would be welcome, and I will do my best to answer any and all questions.

While I am not a certified network administrator making obsense amounts of money, I do know my way around the windows os pretty well, and I know the basics (more or less) of network administration.... but I could have missed something simple.

also note: I was not the one to setup the server, so I don't know what the previous guy was doing/thinking..... but I am stuck with it now.

First, is DNS installed on the DC? Second is it Active Directory integrated DNS? The DC should point to itself as it's primary DNS in the TCP/IP settings. All other workstations should point to the DC for DNS. Also, Terminal Services should not be installed on a DC. When you ping a server name it should return as name.domain.com. If it does not, nothing will work correctly.

Saw this thread and i have almost the exact same setup and the exact same problem. Did anyone ever find a solution for this?