How do I force client to use child dc DHCP?)

[linuxguru2]

My current config is setup on ethernet segment for testing but will be moving all 6 child dc and root-forest dc to VPN WAN.

site1 192.168.1.1 master.local (root-forest)
site2 192.168.2.1 site2.master.local (child dc)
site3 192.168.3.1 site3.master.local (child dc)
site4 192.168.4.1 site4.master.local (child dc)

have win98 client w/ *dsclient* installed. in it's network settings i have logon to nt domain "site4". at logon screen is has username, password, domain name showing.

i login to "site4" but i get no domain server found to validate your password". winipcfg on win98 client shows it's getting it's IP address from either site1 or site dhcp server.

how do i force the win98 client to use "site4" dhcp server?

also, there's big delay when i login from win98 client to dc. what's happening w/ the delay?

thanks for any help.

 

[brontosaurus]

Is the 98 machine on the same subnet as the site4 server?

 

[linuxguru2]

all dc's are on one hub. i guess i can expect that win98 client would be guessing at which dc to take it's dhcp address from huh?

i just turned off all dc's except site4 and got ip via dhcp. as stated, these dc's will be at their respective sites connected via vpn in 60 days.

am i correct in assuming that once the dc's are installed (at respective locations), all clients at that site will only see their own dc for dhcp address assignment??

with regards to delay, it is NO MORE due to other dc's being off.

thanks for any other info on the above questions.

 

[brontosaurus]

clients will only see a dhcp server that's on their subnet, unless you have dhcp helpers set up on your routers or VLAN's with routing brains on the same switch (or you've mixed up a bunch of nets on a hub like you did). Otherwise, dhcp is a broadcast request which will not cross subnets, so yes, as long as your clients, in their respective sites, are on the same subnet as that sites dhcp server (which they should be, or what would the purpose of a site be...)then they will only get an address from that server.

 

[linuxguru2]

one more question if i may....

as you see my config is master.local, etc. our isp holds tld for us and since we're using vpn connectivity we won't be routing any servers across internet (no web or mail servers).

the fact i have dns setup (allowing dynamic zone xfer to name servers that've been setup), the users will be sending all local dns requests to server.....if they request

http://www.yahoo.com,

how will that go outbound from my server?? i have heard something about seting up forwarding?....will i have security risk by having dynamic zone xfer setup between local name servers??

thanks again

 

[brontosaurus]

If you're concerned about security, set the zone transfers to only go to specific servers. As for name resolution, you can use Forwarders, but you don't have to. If you delete the root zone (assuming it exists) on your dns servers and restart the services, they should automatically load the internet root nameservers for external resolution.