
DNS client config on 2nd 2003 dc/dns server

Status
Not open for further replies.

vescetec

IS-IT--Management
Jun 24, 2002
24
US
I have just installed a 2nd 2003 Domain controller in a single 2003 domain. I then installed DNS on this server as well in order to have it perform backup DNS services in the site. What are the proper entries for the "preferred DNS servers" in the TCP/IP properties of the second domain controller/DNS server? I know that on the first DC/DNS server the preferred DNS server is pointed to itself and that you leave the "alternate" field blank. But what about on this 2nd DC/DNS server? Thanks
 
Point both DCs like this now:

Primary should point to itself and secondary should point to the remote DNS server.

Also note: if you had a forwarding setup on the primary DNS server, you need to configure forwarding on the new (second) DNS server. Go into the DNS console on the second server, right click the server name, and choose properties. Then click the forwarders tab. Enter the ISP DNS server in the forwarders area and select OK.

You also should add the second DNS server as an alternate to all of your client machines. This can be done easily through DHCP (if you are using a DHCP server) by modifying the scope options or server options. Otherwise, if you are using manual static assignment, you will have to visit each system or script a solution.

-later

Joseph L. Poandl
MCSE 2003

If your company is in need of experts to examine technical problems/solutions, please contact (Sales@njcomputernetworks.com)
 
JPOANDL - To confirm: So both DCs point to themselves as Preferred DNS Servers. Both DCs also have forwarding enabled pointing out to my ISP's DNS. The DNS zones are Active Directory-integrated so they will be automatically replicated via Active Directory replication. But as far as the alternate DNS server field on these DCs, what do you mean by remote DNS? Thanks
 
Info:

Question: What are the common mistakes that are made when administrators set up DNS on a network that contains a single Windows 2000 or Windows Server 2003 domain controller?

Answer: The most common mistakes are:

• The domain controller is not pointing to itself for DNS resolution on all network interfaces.
• The "." zone exists under forward lookup zones in DNS.
• Other computers on the local area network (LAN) do not point to the Windows 2000 or Windows Server 2003 DNS server for DNS.

Question: Why do I have to point my domain controller to itself for DNS?

Answer: The Netlogon service on the domain controller registers a number of records in DNS that enable other domain controllers and computers to find Active Directory-related information. If the domain controller is pointing to the Internet service provider's (ISP) DNS server, Netlogon does not register the correct records for Active Directory, and errors are generated in Event Viewer. In Windows Server 2003, the recommended DNS configuration is to configure the DNS client settings on all DNS servers to use themselves as their own primary DNS server, and to use a different domain controller in the same domain as their alternative DNS server, preferably another domain controller in the same site. This process also works around the DNS "Island" problem in Windows 2000. You must always configure the DNS client settings on each domain controller's network interface to use the alternative DNS server addresses in addition to the primary DNS server address.


So, your configuration should look like this:

Server1DNSDC
DNS 1 = IP address of Server1DNSDC
DNS 2 = IP address of Server2DNSDC

Server2DNSDC
DNS 1 = IP address of Server2DNSDC
DNS 2 = IP address of Server1DNSDC

By remote, I mean the other DNS server. You have two local DNS servers.



Joseph L. Poandl
MCSE 2003

If your company is in need of experts to examine technical problems/solutions, please contact (Sales@njcomputernetworks.com)
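
An added example, not part of the thread: a small Python check that reads `ipconfig /all` output from a DC and reports where its DNS client settings differ from the layout recommended above (itself first, the other DC as alternate, no outside resolver in the list). The adapter name, the addresses and the `DOMAIN_DCS` set are constructed assumptions.

```python
import re

# Constructed sample: `ipconfig /all` excerpt from a hypothetical Server2DNSDC.
SAMPLE = """\
Ethernet adapter Local Area Connection:

   IP Address. . . . . . . . . . . . : 192.168.1.11
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   DNS Servers . . . . . . . . . . . : 192.168.1.11
                                       192.168.1.10
"""
DOMAIN_DCS = {"192.168.1.10", "192.168.1.11"}  # assumed addresses of both DC/DNS servers

KV_RE = re.compile(r"^\s+(.+?)[ .]*:\s*(.*)$")   # "   Label . . . : value"
IP_RE = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")

def parse_adapters(text):
    """Return {adapter heading: {"ip": str or None, "dns": [addresses in order]}}."""
    adapters, current, in_dns = {}, None, False
    for line in text.splitlines():
        if line[:1].strip() and line.rstrip().endswith(":"):  # unindented adapter heading
            current = adapters.setdefault(line.rstrip()[:-1], {"ip": None, "dns": []})
            in_dns = False
            continue
        if current is None:
            continue
        m = KV_RE.match(line)
        if m:
            label, value = m.group(1), m.group(2).strip()
            in_dns = label == "DNS Servers"
            if in_dns and value:
                current["dns"].append(value)
            elif label == "IP Address":
                current["ip"] = value
        elif in_dns and IP_RE.match(line.strip()):
            current["dns"].append(line.strip())  # continuation line of the DNS list
    return adapters

def audit_dc(text, domain_dcs):
    """Compare each configured adapter with the layout recommended in the thread."""
    findings = []
    for name, a in parse_adapters(text).items():
        if a["ip"] is None:          # disconnected adapter, nothing to check
            continue
        dns = a["dns"]
        if not dns or dns[0] != a["ip"]:
            findings.append(f"{name}: preferred DNS is not the DC's own address")
        if len(dns) < 2:
            findings.append(f"{name}: no alternate DNS server configured")
        findings += [f"{name}: {s} is not a DC/DNS server in this domain"
                     for s in dns if s not in domain_dcs]
    return findings

if __name__ == "__main__":
    print(audit_dc(SAMPLE, DOMAIN_DCS) or "DNS client settings match the recommended layout")
```

An ISP resolver listed on the DC's adapter shows up as a finding here; per the thread it belongs on the Forwarders tab of the DNS server instead.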
 
Thanks a lot - I was confused by the alternative entry because I remember reading about an issue that is caused in 2000 by putting another DNS server in the alternative field on the local DNS server, a symptom that could occur if the local DNS server became too busy for itself to resolve and would look elsewhere. I assume that is what the "island" effect is. I was unaware that 2003 resolved this issue. Thanks again
 