J
JimMatelski
Our company is currently undergoing a project to upgrade all Windows 2000
domain controllers and upgrade them to Windows 2003 domain controllers.
When this is done the domain functional mode will be changed to Windows 2003
native. Currently all new domain controllers have been added, and services
and FSMO roles are being removed from the Windows 2000 boxes and placed onto
the Windows 2003 boxes. The goal is to eventually decommission the old
Windows 2000 boxes.
One problem being encountered is how to migrate the forest root domain
controllers, one of which homes the primary DNS zone. One thought was to
upgrade away from using primary/secondary zones to Active Directory
Integrated DNS, which uses multimaster replication. An application
directory partition will be created to store the DNS zone information. To
best explain the situation an example is in order:
Using Microsoft's favorite company the root of the AD domain (an internal
DNS) is contoso.com. The organization has two subdomains underneath the
forest root called ny.contoso.com and ca.contso.com. Each of the three
domains has three domain controllers installed. DNS is installed on domain
controller #1 in each of the three domains. Domain controller #1 in the
contoso.com domain is the primary DNS server, and a full zone transfer is
sent to the secondary DNS servers in the ny.contso.com and ca.contso.com
domains.
If the root primary DNS server is switched to Active Directory Intergrated
mode with an application directory partion, I believe a partition is created
for both the forest and for each domain. Since the primary DNS server holds
all DNS records for contso.com and the child subdomains (ny.contso.com and
ca.contso.com), will all DNS entries be placed in the contso.com directory
partition (root)? Is the migration process smart enough to take the DNS
entries for ny.contso.com subdomain and place them in the application
directory partition for ny?
Unfortunately the conversion process from a primary DNS zone to an Active
Directory Integrated DNS zone is very poorly documented, and most of it
outlines the process only for one domain. Any advice or pointers for
additional articles would be greatly appreciated.
domain controllers and upgrade them to Windows 2003 domain controllers.
When this is done the domain functional mode will be changed to Windows 2003
native. Currently all new domain controllers have been added, and services
and FSMO roles are being removed from the Windows 2000 boxes and placed onto
the Windows 2003 boxes. The goal is to eventually decommission the old
Windows 2000 boxes.
One problem being encountered is how to migrate the forest root domain
controllers, one of which homes the primary DNS zone. One thought was to
upgrade away from using primary/secondary zones to Active Directory
Integrated DNS, which uses multimaster replication. An application
directory partition will be created to store the DNS zone information. To
best explain the situation an example is in order:
Using Microsoft's favorite company the root of the AD domain (an internal
DNS) is contoso.com. The organization has two subdomains underneath the
forest root called ny.contoso.com and ca.contso.com. Each of the three
domains has three domain controllers installed. DNS is installed on domain
controller #1 in each of the three domains. Domain controller #1 in the
contoso.com domain is the primary DNS server, and a full zone transfer is
sent to the secondary DNS servers in the ny.contso.com and ca.contso.com
domains.
If the root primary DNS server is switched to Active Directory Intergrated
mode with an application directory partion, I believe a partition is created
for both the forest and for each domain. Since the primary DNS server holds
all DNS records for contso.com and the child subdomains (ny.contso.com and
ca.contso.com), will all DNS entries be placed in the contso.com directory
partition (root)? Is the migration process smart enough to take the DNS
entries for ny.contso.com subdomain and place them in the application
directory partition for ny?
Unfortunately the conversion process from a primary DNS zone to an Active
Directory Integrated DNS zone is very poorly documented, and most of it
outlines the process only for one domain. Any advice or pointers for
additional articles would be greatly appreciated.