DNS & AD Integration


Roger Mathews

I have a W2K AD-integrated DNS server that has been working great for
internal name resolution. But now I have a T-1 line in place for Internet
access. When I went to the DNS server to configure forwarding the options
were greyed out with the message the DNS is the root server. Also the root
hints are missing.

I tried to uninstall/reinstall to no avail. Finally I configured a second
server with DNS service. The DNS database is standalone and AD integration
was not an option for me since it too was greyed out. This new server is an
AD member server. But although this DNS installation is not AD integrated
it is working fine but I would like to better understand why this server
cannot be integrated in AD and why the previous server is configured as root
and how I change it.
 
In Roger Mathews <[email protected]> posted a question
Then Kevin replied below:
: I have a W2K AD-integrated DNS server that has been working great for
: internal name resolution. But now I have a T-1 line in place for
: Internet access. When I went to the DNS server to configure
: forwarding the options were greyed out with the message the DNS is
: the root server. Also the root hints are missing.

Delete the "." Forward lookup zone, refresh the console (or you can close it
and reopen it), then the Root Hints will be loaded and you can enable
forwarders.
300202 - HOW TO: Configure DNS for Internet Access in Windows 2000
http://support.microsoft.com/?id=300202&FR=1

:
: I tried to uninstall/reinstall to no avail. Finally I configured a
: second server with DNS service. The DNS database is standalone and
: AD integration was not an option for me since it too was greyed out.
: This new server is an AD member server. But although this DNS
: installation is not AD integrated it is working fine but I would like
: to better understand why this server cannot be integrated in AD and
: why the previous server is configured as root and how I change it.

Only domain controllers can be AD Integrated.
 
Roger said:
I have a W2K AD-integrated DNS server that has been working great for
internal name resolution. But now I have a T-1 line in place for Internet
access. When I went to the DNS server to configure forwarding the options
were greyed out with the message the DNS is the root server. Also the root
hints are missing.

I tried to uninstall/reinstall to no avail. Finally I configured a second
server with DNS service. The DNS database is standalone and AD integration
was not an option for me since it too was greyed out. This new server is an
AD member server. But although this DNS installation is not AD integrated
it is working fine but I would like to better understand why this server
cannot be integrated in AD and why the previous server is configured as root
and how I change it.

Delete the dot (".") forward lookup zone on the AD server to make it no
longer authoritative for the entire namespace.

As to why the second server cannot be AD integrated... is it a domain
controller? Only DCs have a local copy of the directory to store
integrated DNS zones into.
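
A way to confirm from the network whether a DNS server still holds the "." zone discussed in this thread, added here as an example and not part of any poster's message: it sends a non-recursive SOA query for the root and checks for an authoritative answer. The function names and the two sample replies are constructed for illustration.

```python
import socket
import struct

SOA, IN = 6, 1

def build_root_soa_query(txid=0x1234):
    # Flags 0x0000: standard query with RD=0, so the server may answer only
    # from zones it hosts or from cache; it will not recurse on our behalf.
    return struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0) + b"\x00" + struct.pack("!HH", SOA, IN)

def _skip_name(msg, off):
    # Walk labels to the terminating zero byte or a 2-byte compression pointer.
    while True:
        n = msg[off]
        if n == 0:
            return off + 1
        if (n & 0xC0) == 0xC0:
            return off + 2
        off += 1 + n

def hosts_root_zone(msg):
    """True if msg is an authoritative NOERROR reply whose first answer is an SOA."""
    if len(msg) < 12:
        raise ValueError("truncated DNS header")
    _, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if not flags & 0x8000 or not flags & 0x0400 or flags & 0x000F or an == 0:
        return False  # not a response, AA bit clear, error RCODE, or empty answer
    off = 12
    for _ in range(qd):
        off = _skip_name(msg, off) + 4  # skip QNAME, then QTYPE and QCLASS
    off = _skip_name(msg, off)  # owner name of the first answer record
    (rtype,) = struct.unpack("!H", msg[off:off + 2])
    return rtype == SOA

def check_server(ip, timeout=3.0):
    # Live check against one server over UDP/53 (not exercised by the samples).
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_root_soa_query(), (ip, 53))
        return hosts_root_zone(s.recvfrom(512)[0])

# Constructed sample replies (not captured traffic).
_Q = b"\x00" + struct.pack("!HH", SOA, IN)
SAMPLE_WITH_ROOT = (struct.pack("!HHHHHH", 0x1234, 0x8400, 1, 1, 0, 0) + _Q
                    + b"\x00" + struct.pack("!HHIH", SOA, IN, 3600, 22)
                    + b"\x00\x00" + struct.pack("!IIIII", 1, 900, 600, 86400, 3600))
SAMPLE_NO_ROOT = struct.pack("!HHHHHH", 0x1234, 0x8000, 1, 0, 0, 0) + _Q
```

A True result from `check_server` on an internal server means it is answering as the root of the namespace, which is the condition that greys out forwarders and hides the root hints.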
 
Bingo!

Thanks guys. Removal of the . forward lookup zone worked like a charm. I
did notice that AD did not have root servers in the RootDNSServers
container...just couldn't figure out how to re-populate. Thanks again!
 