(Msg. 1) Posted: Tue Mar 24, 2009 9:06 pm
Post subject: Secondary DNS Archived from groups: microsoft>public>win2000>active_directory, others (more info?)
Hello everybody:
Here is the scenario, I have two domain controllers, one has primary, and
the other has secondary DNS on it. Now I am trying to setup a DNS server in
a remote location for disaster recovery. This server will be in the same
domain as the other DCs. Currently the DNS is AD integrated.
My question:
What is the best configuration for the DNS in the remote site? Can this
server be turned into Primary DNS in case of a diaster?
(Msg. 2) Posted: Wed Mar 25, 2009 3:05 am
Post subject: Re: Secondary DNS [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
Hello genghiz,
In a domain use AD integrated zones, so all DC/DNS will have the complete
DNS zones during AD replication available and the zones are on any DC/DNS
server writable, instead with a secondary DNS server, that is read-only.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
> Hello everybody:
>
> Here is the scenario, I have two domain controllers, one has primary,
> and the other has secondary DNS on it. Now I am trying to setup a DNS
> server in a remote location for disaster recovery. This server will be
> in the same domain as the other DCs. Currently the DNS is AD
> integrated.
>
> My question:
> What is the best configuration for the DNS in the remote site? Can
> this
> server be turned into Primary DNS in case of a diaster?
> Thanks
>
(Msg. 3) Posted: Wed Mar 25, 2009 9:15 am
Post subject: Re: Secondary DNS [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
In news:Okmy6XOrJHA.1240@TK2MSFTNGP02.phx.gbl,
genghiz <gen.TakeThisOut@ghiz.net>, posted the following:
> Hello everybody:
>
> Here is the scenario, I have two domain controllers, one has primary,
> and the other has secondary DNS on it. Now I am trying to setup a DNS
> server in a remote location for disaster recovery. This server will
> be in the same domain as the other DCs. Currently the DNS is AD
> integrated.
> My question:
> What is the best configuration for the DNS in the remote site? Can
> this server be turned into Primary DNS in case of a diaster?
>
> Thanks
You are saying you currently have a Primary zone on one of your DCs, and a
Secondary zone on the other DC, but you are implying the zone is currently
AD Integrated.
This scenario would cause a conflict. Why? Because an AD integrated zone
means the data is stored in AD. It gets replicated to respective DCs based
on the replication scope (properties of the zone). If a zone's scope is set
to All DNS Servers in the Domain," then all DCs in the domain have a copy of
the zone. If set to the Forest, then all DCs in the forest have a copy. If
you create a Secondary zone of the same zone on another DC in the domain, it
will create a duplicate condition on the DC and the DC would promptly delete
it.
AD Integrated zones are ALL Primary zones. This is because the database is
shared among DCs with AD integration. They follow a Milti-Master model. They
are all authorative for the zone. They can all accept updates and changes,
which get replicated to other DC/DNS servers.
So in your case, if Iwere to assume the terminology is skewed and they truly
are AD integrated (no secondaries), then you can safely just install DNS on
that third server, and walk away. Do not manually create the zone. If the
zone is truly AD integrated, it will automatically appear within a half
hour. If you try to manually create it, another dupe situation will arise.
but this time in the AD database, which will cause major issues and is not
so easy to clean up.
--
Ace
This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.
(Msg. 4) Posted: Wed Mar 25, 2009 8:26 pm
Post subject: Re: Secondary DNS [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
Meinolf and Ace thanks for you time, appreciate your input.
"Ace Fekay [Microsoft Certified Trainer]" <firstnamelastname.TakeThisOut@hotmail.com>
wrote in message news:On$hwwUrJHA.3444@TK2MSFTNGP04.phx.gbl...
> In news:Okmy6XOrJHA.1240@TK2MSFTNGP02.phx.gbl,
> genghiz <gen.TakeThisOut@ghiz.net>, posted the following:
>> Hello everybody:
>>
>> Here is the scenario, I have two domain controllers, one has primary,
>> and the other has secondary DNS on it. Now I am trying to setup a DNS
>> server in a remote location for disaster recovery. This server will
>> be in the same domain as the other DCs. Currently the DNS is AD
>> integrated.
>> My question:
>> What is the best configuration for the DNS in the remote site? Can
>> this server be turned into Primary DNS in case of a diaster?
>>
>> Thanks
>
> You are saying you currently have a Primary zone on one of your DCs, and a
> Secondary zone on the other DC, but you are implying the zone is currently
> AD Integrated.
>
> This scenario would cause a conflict. Why? Because an AD integrated zone
> means the data is stored in AD. It gets replicated to respective DCs based
> on the replication scope (properties of the zone). If a zone's scope is
> set to All DNS Servers in the Domain," then all DCs in the domain have a
> copy of the zone. If set to the Forest, then all DCs in the forest have a
> copy. If you create a Secondary zone of the same zone on another DC in the
> domain, it will create a duplicate condition on the DC and the DC would
> promptly delete it.
>
> AD Integrated zones are ALL Primary zones. This is because the database is
> shared among DCs with AD integration. They follow a Milti-Master model.
> They are all authorative for the zone. They can all accept updates and
> changes, which get replicated to other DC/DNS servers.
>
> So in your case, if Iwere to assume the terminology is skewed and they
> truly are AD integrated (no secondaries), then you can safely just install
> DNS on that third server, and walk away. Do not manually create the zone.
> If the zone is truly AD integrated, it will automatically appear within a
> half hour. If you try to manually create it, another dupe situation will
> arise. but this time in the AD database, which will cause major issues and
> is not so easy to clean up.
>
> --
> Ace
>
> This posting is provided "AS-IS" with no warranties or guarantees and
> confers no rights.
>
> Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSA Messaging, MCT
> Microsoft Certified Trainer
> aceman.TakeThisOut@mvps.RemoveThisPart.org
>
> For urgent issues, you may want to contact Microsoft PSS directly. Please
> check http://support.microsoft.com for regional support phone numbers.
>
>
>
(Msg. 5) Posted: Wed Mar 25, 2009 9:18 pm
Post subject: Re: Secondary DNS [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
"genghiz" <gen.TakeThisOut@ghiz.net> wrote in message
news:%23Z$T3larJHA.3848@TK2MSFTNGP02.phx.gbl...
> Meinolf and Ace thanks for you time, appreciate your input.
I was hoping to hear back elaborating a bit on my questions to offer
specific help based on your scenario.
I just hope we were helpful enough to guide you in your goals.
All times are: Eastern Time (US & Canada) (change)
Page 1 of 1
You can post new topics in this forum You can reply to topics in this forum You can edit your posts in this forum You can delete your posts in this forum You can vote in polls in this forum
Home
Forums
Home
FAQ
Profile
Private Messages
Log in
Windows Other