Windows Server Forum / Windows 2000 / DNS / July 2005
DNS Config issue
YMan - 25 Jul 2005 05:26 GMT
Hi all,
We have two DCs, mydc1 and mydc2. DNS is installed on mydc1 and has standard primary zones (such as mydomain.com, mydomain2.com etc.). Both DCs are running Windows 2003 server. The major zone is mydomain.com, which is the domain for the company.
We'd like to install DNS on mydc2 and make them AD-integrated. Would any of you know the proper procedure for doing so?
Is it done just by the following steps?
- make the zone mydomain.com AD-integrated by checking the check-box for storing the zone in AD
- install DNS on mydc2
- create a primary zone for mydomain.com and also check the check-box to store the zone in AD
However, there are a few questions I don't quite understand. Would the data already on mydc1 copy or replicate to the DNS on mydc2? Does that mean I can add / change / delete resource records in either DNS? What about the other zones also hosted in DNS on mydc1?
An additional question is: should I include the IP address of mydc2 in DHCP for LAN users also?
Sorry if this sounds silly to you.
Thx,
Kevin D. Goodknecht Sr. [MVP] - 25 Jul 2005 08:17 GMT
> Hi all,
> [quoted text clipped - 24 lines]
>
> Thx,
With Active Directory integrated zones, you only need to create the zone on one DC; the zone will replicate to all DCs in the domain with no further action from you.
 Signature Best regards, Kevin D4 Dad Goodknecht Sr. [MVP] Hope This Helps =================================== When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue, to respond directly to me remove the nospam. from my email address. =================================== http://www.lonestaramerica.com/ =================================== Use Outlook Express?... Get OE_Quotefix: It will strip signature out and more http://home.in.tum.de/~jain/software/oe-quotefix/ =================================== Keep a back up of your OE settings and folders with OEBackup: http://www.oehelp.com/OEBackup/Default.aspx ===================================
YMan - 25 Jul 2005 10:38 GMT
>> Hi all,
>> [quoted text clipped - 34 lines]
> Kevin D4 Dad Goodknecht Sr. [MVP]
> Hope This Helps
I have configured both DNS as in the following steps :
1. in mydc1 I checked the box to store data in AD
2. Install DNS in mydc2 using "Configure Server Wizard"
3. Configure a primary zone and also AD-Integrated
Then I found that on mydc1 the DNS has the primary DNS being mydc1. However, on mydc2 the primary server (as well as in the SOA) is mydc2. Not all the records on mydc1 are replicated to mydc2 (in fact only those in the reverse zone are replicated over).
Did I miss something? Do settings such as zone transfer need to be configured as well?
Thx,
Ace Fekay [MVP] - 25 Jul 2005 19:36 GMT
> I have configured both DNS as in the following steps :
> [quoted text clipped - 10 lines]
> configured as well?
> Thx,
Zone transfers have nothing to do with AD Integrated zones, although you can allow zone transfers to other DNS servers for your zone if you desire. AD Integration allows multiple SOAs, in essence a multi-master design where zone data can be changed on any server you like. So due to the behavior of AD Integrated zones, since all DNS servers that host the AD Integrated zones are essentially ALL SOAs for the zone, this is normal and can be ignored.
All records in an AD Integrated zone are stored in AD. Therefore, whatever data you create on one server, will be stored in the actual physical AD database (depending on which AD version since Win2003 has those application partitions), and will be replicated during AD's normal replication process. If it is Win2000, there is a latency period of 5 to 15 minutes within a site, whereas between sites, the latency period will depend on your Sites replication schedule and frequency. If Win2003, the data will replicate within 15 seconds within a site, but between sites, the same as Win2000.
If this is Win2003, you have the option to change replication scope to either Win2000 support (stored in the DomainNC partition), or Win2003 DomainDnsZones (domain wide - middle button) or ForestDnsZones (forest wide - top button). If you are in a mixed environment, stick with the bottom radio button in the replication scope properties page since that puts it in the DomainNC and is compatible with Win2000. If you try to mix it, you will come up with conflict errors and the whole thing goes south.
If you want it to replicate immediately within a site using Win2000, create your records, then go to sites and services and force replication between the machines. If between sites, you will have to wait for the replication schedule/frequency to occur.
In a nutshell, it's based on AD.
 Signature Regards, Ace
Please direct all replies ONLY to the Microsoft public newsgroups so all can benefit.
This posting is provided "AS-IS" with no warranties or guarantees and confers no rights.
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP Microsoft Windows MVP - Windows Server - Directory Services Infinite Diversities in Infinite Combinations. =================================
Kevin D. Goodknecht Sr. [MVP] - 26 Jul 2005 03:13 GMT
> I have configured both DNS as in the following steps :
> [quoted text clipped - 10 lines]
> configured as well?
> Thx,
Yes, you missed something: you should not have created the zone on the second DC, doing so causes it to overwrite the zone that was already in AD. Therefore you would have lost any manually created records in the previous zone. That is why I said "create the zone only on one DC".
Each DC has itself listed as the SOA primary because each DC has a master zone. The SOA primary record is basically only for Secondary zones to know where the master is and has no effect on AD replication and is not used in AD replication. AD replication is more reliant on the <verylongGUID>._msdcs.ADForestName Cname record. Make sure this record is registered for both DCs in both DNS servers.
YMan - 26 Jul 2005 05:20 GMT
In this case, if I want to get things straight, should I now uninstall the DNS on mydc2 and reinstall it again? Or should I just remove the zone on the DNS in mydc2 and let the AD replication process take care of it?
>> I have configured both DNS as in the following steps :
>> [quoted text clipped - 44 lines]
> http://www.oehelp.com/OEBackup/Default.aspx
> ===================================
Kevin D. Goodknecht Sr. [MVP] - 26 Jul 2005 05:47 GMT
> In this case, if I want to get things straight. Should I now
> uninstall the DNS on mydc2 and reinstall it again? Or should I just
> remove the zone on DNS in mydc2 and let the AD replication process
> takes care of it?
Not unless the two zones are in different replication partitions; deleting the zone from DC2 also deletes it from DC1 if they are in the same partition. On the General tab of the zone properties sheet, click on the "Change" button next to "Replication" to make sure both zones are set to the same replication partition. The default is all DCs in the AD domain, which is best for domains with a combination of Win2k and Win2k3. If the zones are in different replication partitions, delete one of the zones.
YMan - 26 Jul 2005 09:44 GMT
>> In this case, if I want to get things straight. Should I now
>> uninstall the DNS on mydc2 and reinstall it again? Or should I just
[quoted text clipped - 11 lines]
> If the zones are in different replication partitions delete one of the
> zones.
Both are set to the same replication partition (all DCs in the AD domain). And I am now seeing some A records in the DNS on mydc2.
Is this normal that not both DNS have identical host (A) records in them, if the replication partition is set to all DCs in the AD Domain (or I should say that they are AD-Integrated)?
Thanks again
Kevin D. Goodknecht Sr. [MVP] - 26 Jul 2005 17:57 GMT
> Both are set to the same replication partition (all DCs in the AD
> domain). And I am now seeing some A records in the DNS in mydc2.
>
> Is this normal that not both DNS have identical host (A) records in
> them, if the replication partition is set to all DCs in the AD Domain
> (or I should say that they are AD-Integrated)?
I think you still missed my point. Here is what you posted:
I have configured both DNS as in the following steps :
1. in mydc1 I checked the box to store data in AD
2. Install DNS in mydc2 using "Configure Server Wizard"
3. Configure a primary zone and also AD-Integrated
What you did in step 3 above (creating a new zone on DNS in mydc2): you must understand that when you created this zone, it became the newer of the two (it and the one already in AD). So.... it overwrote the existing zone in AD, and it did NOT contain the records that existed in the zone in AD.
The key point is, when you create a new zone, it contains no records, so when it replicates, it deletes the existing zone and its records. When installing DNS on a replica DC, do not create any zones, be patient and wait for the zone in AD to replicate. I have such a hard time of convincing people to wait for replication to replicate the zone. Existing Zone Information Overwritten When Backup DNS Zone Created: http://support.microsoft.com/default.aspx?scid=kb;en-us;217086
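The three checks discussed in this thread (same replication scope on both DCs, whether the A record sets really match, and whether each DC's GUID CNAME under _msdcs is registered on both DNS servers) can be scripted. The following is an added example and is not code from the thread or from any of the posters. It assumes Windows Server 2012 or later with the DnsServer, ActiveDirectory and DnsClient PowerShell modules (RSAT) installed and rights on both DCs; the servers in the thread are Windows 2003, where the same checks were done in the DNS console or with dnscmd. The names mydc1, mydc2 and mydomain.com are taken from the thread.

```powershell
# Added example, not from the thread: compare an AD-integrated zone as seen on two DCs.
# Assumes Windows Server 2012+ with the DnsServer, ActiveDirectory and DnsClient modules.
param(
    [string[]]$DnsServers = @('mydc1', 'mydc2'),   # server names from the thread
    [string]$Zone = 'mydomain.com'                  # zone name from the thread
)

Import-Module DnsServer
Import-Module ActiveDirectory

# 1. Replication scope ("Change" button next to Replication on the General tab)
#    must be the same on every DC that hosts the zone, or the copies never converge.
$scopes = foreach ($s in $DnsServers) {
    $z = Get-DnsServerZone -ComputerName $s -Name $Zone
    [pscustomobject]@{ Server = $s; DsIntegrated = $z.IsDsIntegrated; Scope = $z.ReplicationScope }
}
$scopes | Format-Table -AutoSize
if (@($scopes.Scope | Sort-Object -Unique).Count -ne 1) {
    Write-Warning "Replication scope differs between servers."
}

# 2. Compare the host (A) record sets. Once replication has completed they should be
#    identical; records present on one side only are the symptom described in the thread.
$records = @{}
foreach ($s in $DnsServers) {
    $records[$s] = @(Get-DnsServerResourceRecord -ComputerName $s -ZoneName $Zone -RRType A |
        ForEach-Object { '{0} {1}' -f $_.HostName, $_.RecordData.IPv4Address.IPAddressToString } |
        Sort-Object -Unique)
}
$diff = Compare-Object -ReferenceObject $records[$DnsServers[0]] -DifferenceObject $records[$DnsServers[1]]
if ($diff) {
    'A records present on only one server (<= first server, => second):'
    $diff | ForEach-Object { '{0} {1}' -f $_.SideIndicator, $_.InputObject }
} else {
    "A record sets on $($DnsServers -join ' and ') are identical."
}

# 3. AD replication locates partners through <DSA GUID>._msdcs.<forest root> CNAME records.
#    Each DC's CNAME must resolve on every DNS server; the GUID is the objectGUID of the
#    DC's NTDS Settings object.
$forestRoot = (Get-ADForest).RootDomain
foreach ($dc in Get-ADDomainController -Filter *) {
    $guid  = (Get-ADObject -Identity $dc.NTDSSettingsObjectDN -Properties objectGUID).ObjectGUID
    $cname = "$guid._msdcs.$forestRoot"
    foreach ($s in $DnsServers) {
        $r = Resolve-DnsName -Name $cname -Type CNAME -Server $s -ErrorAction SilentlyContinue
        $status = if ($r) { 'OK -> ' + ($r | Where-Object Type -eq 'CNAME').NameHost } else { 'MISSING' }
        '{0,-8} {1,-50} on {2}: {3}' -f $dc.Name, $cname, $s, $status
    }
}
```

Run it from a management host as a domain admin; a MISSING line in part 3 on either server means that DC cannot be found by its replication partners through that DNS server, which is the condition Kevin says to check before anything else.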
YMan - 27 Jul 2005 03:42 GMT
> I think you still missed my point, here is what you posted:
> I have configured both DNS as in the following steps :
[quoted text clipped - 19 lines]
> Existing Zone Information Overwritten When Backup DNS Zone Created:
> http://support.microsoft.com/default.aspx?scid=kb;en-us;217086
Now I understand a bit more. Then would I be able to do this all over again, with the steps below?
1. switch the zones in both DNS back to standard primary by unchecking the check box for storing the zone in AD
2. delete the zone in mydc2
3. check the check box to turn the zone in mydc1 to AD-integrated again
4. wait for replication to create the replica in mydc2
Do you think this will work? The reason is that I'm afraid the newly created zone in mydc2 will overwrite the one in mydc1. Since I can still see the resource records in mydc1 thus I want to reverse the procedure and start all over again. Thanks again.
Kevin D. Goodknecht Sr. [MVP] - 27 Jul 2005 04:11 GMT
> Now I understand a bit more.
> Then would I be able to do this all over again, with the steps below:
[quoted text clipped - 10 lines]
> procedure and start all over again.
> Thanks again.
Yes, it will work if replication is not broken. Change the zone on DC1 to standard primary, allow dynamic updates, point DC2 to DC1 for DNS. Then run this command:
ipconfig /flushdns & ipconfig /registerdns & net stop netlogon & net start netlogon
This will make sure DC1 has all the AD records from both DCs then change the zone to AD integrated, let the zone replicate, or force a replication cycle.
YMan - 27 Jul 2005 05:21 GMT
>> Now I understand a bit more.
>> Then would I be able to do this all over again, with the steps below:
[quoted text clipped - 22 lines]
> zone to AD integrated, let the zone replicate, or force a replication
> cycle.
Thanks Kevin for your patience and help.
Let me repeat what I think I have gathered from you:
1. change the zone in mydc1 to Standard Primary and allow dynamic update
2. change the IP address settings of mydc2 to have its DNS point to mydc1
3. run the commands ipconfig /flushdns and ipconfig /registerdns
4. run net stop netlogon and net start netlogon
5. delete the zone in mydc2
6. wait for replication of the zone and then check mydc2 for the result
Do I miss anything?
Thanks again.
Kevin D. Goodknecht Sr. [MVP] - 27 Jul 2005 05:49 GMT
>>> Now I understand a bit more.
>>> Then would I be able to do this all over again, with the steps
[quoted text clipped - 35 lines]
>
> Do I miss anything?
By changing the zone on mydc1 to standard primary, this should remove the zone from mydc2. If it doesn't, delete it after you change the zone on mydc1 to standard primary.
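The recovery sequence Kevin lays out above (zone on mydc1 back to standard primary with dynamic updates, mydc2 pointed at mydc1 for DNS, re-register and bounce Netlogon, remove the leftover copy on mydc2, then convert back to AD-integrated and let replication carry it) can be driven from one script, with a verification step before the conversion back so the zone is not re-integrated while mydc2's records are still missing. This is an added example, not code from the thread or from any of the posters. It assumes Windows Server 2012 or later with the DnsServer and ActiveDirectory modules (RSAT), PowerShell remoting to both DCs, repadmin on the management host, and that mydc2's network adapter is called Ethernet (an assumption); the IP address is a constructed placeholder. The names mydc1, mydc2 and mydomain.com come from the thread, and the order of operations follows Kevin's advice that the copy on mydc2 is deleted only after mydc1's zone has left AD, since deleting it earlier would remove the zone from mydc1 as well.

```powershell
# Added example, not from the thread: scripted form of the recovery sequence.
# Assumes Windows Server 2012+ with DnsServer/ActiveDirectory modules and PS remoting.
Import-Module DnsServer
Import-Module ActiveDirectory

$Zone      = 'mydomain.com'     # from the thread
$Primary   = 'mydc1'            # from the thread: the DC that still has the full zone
$Replica   = 'mydc2'            # from the thread: the DC whose empty zone overwrote it
$PrimaryIp = '192.0.2.10'       # constructed placeholder for mydc1's address
$Nic       = 'Ethernet'         # assumption: adapter name on mydc2

# 1. Zone on mydc1 becomes a file-backed standard primary that accepts dynamic updates.
#    A file-backed zone cannot use "secure only", so updates are opened for this window only.
ConvertTo-DnsServerPrimaryZone -ComputerName $Primary -Name $Zone -ZoneFile "$Zone.dns" -Force
Set-DnsServerPrimaryZone -ComputerName $Primary -Name $Zone -DynamicUpdate NonsecureAndSecure

# 2. Point mydc2 at mydc1 for DNS and re-register its host and AD records there
#    (equivalent of: ipconfig /flushdns & ipconfig /registerdns & net stop/start netlogon).
Invoke-Command -ComputerName $Replica -ArgumentList $PrimaryIp, $Nic -ScriptBlock {
    param($dns, $nic)
    Set-DnsClientServerAddress -InterfaceAlias $nic -ServerAddresses $dns
    ipconfig /flushdns    | Out-Null
    ipconfig /registerdns | Out-Null
    Restart-Service -Name Netlogon      # rewrites the DC's SRV and DSA GUID CNAME records
}

# 3. Verify on mydc1 before converting back: mydc2's A record and its DSA GUID CNAME must exist.
$aRec = Get-DnsServerResourceRecord -ComputerName $Primary -ZoneName $Zone -Name $Replica -RRType A -ErrorAction SilentlyContinue
if (-not $aRec) { throw "$Replica has no A record in $Zone on $Primary; do not convert yet." }
$guid  = (Get-ADObject -Identity (Get-ADDomainController -Identity $Replica).NTDSSettingsObjectDN).ObjectGUID
$cname = "$guid._msdcs.$((Get-ADForest).RootDomain)"
if (-not (Resolve-DnsName -Name $cname -Type CNAME -Server $Primary -ErrorAction SilentlyContinue)) {
    throw "$cname does not resolve on $Primary; wait for Netlogon registration, then rerun step 3."
}

# 4. Remove the leftover (empty) zone copy on mydc2 if converting mydc1 did not already do so,
#    then make mydc1's zone AD-integrated again, domain-wide scope ("all DCs in the AD domain").
if (Get-DnsServerZone -ComputerName $Replica -Name $Zone -ErrorAction SilentlyContinue) {
    Remove-DnsServerZone -ComputerName $Replica -Name $Zone -Force
}
ConvertTo-DnsServerPrimaryZone -ComputerName $Primary -Name $Zone -ReplicationScope Domain -Force
Set-DnsServerPrimaryZone -ComputerName $Primary -Name $Zone -DynamicUpdate Secure

# 5. Force a replication cycle rather than waiting, then confirm mydc2 now hosts the zone
#    without the zone ever having been created on it by hand.
repadmin /syncall /AdeP | Out-Null
Start-Sleep -Seconds 30
Get-DnsServerZone -ComputerName $Replica -Name $Zone | Format-List ZoneName, IsDsIntegrated, ReplicationScope
```

The throw in step 3 is the point of scripting this: converting back while mydc2's records are still absent from mydc1 would re-integrate a zone that is missing that DC, which is the situation the thread started from.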
YMan - 27 Jul 2005 09:59 GMT
> By changing the zone on mydc1 to standard primary, this should remove the
> zone from mydc2.
> If it doesn't, delete it after you change the zone on mydc1 to standard
> primary.
Thanks Kevin,
The zone data seems to be replicating great. Thanks again for your great help.
Rdgs, YMan