DNS - Sites and Services

I recently separated my two sites in "sites and services". When I look at DNS
FL zone _sites under the original site all the servers still show up. Should
I delete those since they are associated with another site???
 
mo_d said:
I recently separated my two sites in "sites and services". When I look at DNS
FL zone _sites under the original site all the servers still show up. Should
I delete those since they are associated with another site???

Normally, the answer is No.
(It is possible that ultimately this will be
your only recourse but give that a bit.)

The normal case is that in Sites and Services
you move the DCs (or other servers) to the correct
Site (right click->move).

You might need to reboot or take other action
to get DNS updated.

Below, I will post my general recommendations
for DNS to support AD; those for updating the
DNS are most important, but you may have a
misconfiguration as well so it is worth double
checking all of it.


DNS for AD
1) Dynamic for the zone supporting AD
2) All internal DNS clients NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2
4) If you have more than one Domain, every DNS server must
be able to resolve ALL domains (either directly or indirectly)

netdiag /fix

....or maybe:

dcdiag /fix

(Win2003 can do this from Support tools):
nltest /dsregdns /server:DC-ServerNameGoesHere
http://support.microsoft.com/kb/q260371/

Ensure that DNS zones/domains are fully replicated to all DNS
servers for that (internal) zone/domain.

Also useful may be running DCDiag on each DC, sending the
output to a text file, and searching for FAIL, ERROR, WARN.

Single Label domain zone names are a problem. Google:
[ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]
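
A way to check the symptom discussed in this thread (a site's _sites records listing servers that belong to another site), as an added example that is not part of the original posts. It assumes a current Windows host with the ActiveDirectory and DnsClient PowerShell modules, which postdate the Support Tools named above; the variable and column names are made up for the example.

```powershell
# Added example: compare the DCs that DNS lists under each site's _sites SRV
# name with the site each DC belongs to according to Active Directory.
# Assumption: run from a domain-joined host with RSAT (ActiveDirectory module).
Import-Module ActiveDirectory

$domain = (Get-ADDomain).DNSRoot
$dcs    = Get-ADDomainController -Filter *

# Map each DC's FQDN (lower case) to the site AD says it is in.
$siteOf = @{}
foreach ($dc in $dcs) {
    $siteOf[$dc.HostName.ToLower()] = $dc.Site
}

$report = foreach ($site in ($dcs.Site | Sort-Object -Unique)) {
    # Site-specific locator record that DCs register through Netlogon.
    $srvName = '_ldap._tcp.{0}._sites.dc._msdcs.{1}' -f $site, $domain

    $records = Resolve-DnsName -Name $srvName -Type SRV -DnsOnly `
                   -ErrorAction SilentlyContinue |
               Where-Object { $_.Type -eq 'SRV' }

    foreach ($r in $records) {
        $target = $r.NameTarget.TrimEnd('.').ToLower()
        [pscustomobject]@{
            SiteInDns = $site
            Server    = $target
            SiteInAD  = $siteOf[$target]   # empty if the target is not a known DC
            # True when DNS lists the server under a site it is not a member of.
            Mismatch  = ($siteOf[$target] -ne $site)
        }
    }
}

$report | Sort-Object SiteInDns, Server | Format-Table -AutoSize
```

A row with Mismatch = True is either a stale registration left over from before the move or a DC deliberately covering a site that has no DC of its own. Re-run it after the re-registration steps listed above to see whether the extra entries disappear.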
 
I created a new site and separated the servers. In DNS the new site has
the correct servers; the org site has its servers plus the new site's servers
listed. Should sites and servers have updated this in DNS?

 
mo_d said:
I created a new site and separated the servers. In DNS the new site has
the correct servers; the org site has its servers plus the new site's servers
listed. Should sites and servers have updated this in DNS?

Yes, it should. Have you followed (any of the) various
methods for updating DNS (that I offered you)?
 
I ran both and they came back passed. What I have noticed is that sometimes my
logon server will be the other site's DC or Outlook will query their Exchange
server before finding ours. In DNS site A has entries for servers from both
sites? Site B only has its servers listed.
 
Mo_d,

This usually only happens when you haven't set up the IP-subnets and
assigned them to sites. When a client can't figure out what site it is in
or the server there is not available (either through real availability or
failed DNS lookup) the logon will traverse the site link.
 
They have been set up and assigned.

Ryan Hanisco said:
Mo_d,

This usually only happens when you haven't set up the IP-subnets and
assigned them to sites. When a client can't figure out what site it is in
or the server there is not available (either through real availability or
failed DNS lookup) the logon will traverse the site link.

--
Ryan Hanisco
MCSE, MCDBA
FlagShip Integration Services
Chicago, IL
 
mo_d said:
They have been set up and assigned.

When people respond as such without showing
the details it pretty much shuts off our ability to
double check your work.

You might consider showing the details of your
sites' subnets.

You almost certainly have either a Sites configuration
issue or a Replication (DNS probably*) issue.

Unless it is a network problem.

So either you set something wrong (we have all done it
which is the reason we are so quick to suggest such
a mistake) or your DCs aren't replicating which is usually
DNS if the network is reasonably functional and not
firewall restricted.
 