I just set up our 1st domain controller (win server 2003). It is in our
office behind a firewall with NAT. I am using this to "play around" with
domain controllers. I set up the domain controller to use the domain our
company uses for the main website. The installation process detected our DNS
servers which are at another physical location and don't use NAT. It
installed all fine and seems to work fine (I was able to log into the

Q1: The domain controller made entries in the DNS server (also win 2003
server) forward zone file which are for the computers in our office that use
NAT. The zone also has entries for the webserver and other PCs at the
collocation. It looks like:
PC blah and webMain Will that mixture of
classes be of any problem?

Q2: The DC for domain xyz.com places its A record pointing to xyz.com. How
do I prevent him from doing that as it interferes with the web server for
the xyz.com domain. i.e. I end up with two A records pointing for xyz.com
one pointing to the web server, another to the private IP address of the
domain controller. The DC also (correctly) enters A record for its name
(Apu) -- sort of strange that it enters 2 A records for itself.

Q3: Anyone knows where I find some practical information about setting and
working with domains -- very basic stuff so far. There seems to be a wealth
of dry technical information out there, but very little of practical problem
solving information.

Thanks a lot for your help,