DNS Zone merge


Guest

I have an interesting project ahead. Our current
environment runs DNS on Metal IP (Checkpoint product).
Anyway, with our Active Directory structure growing and
its reliance on DNS, we decided it would be better to go ahead
and move the AD zones over to Windows 2000. So our
parent domain will remain on the existing DNS platform.
Our subdomains for 2k will move to Windows 2000. This
seemed simple enough until, looking at it further, I see
that the two 2k domains, which are parent and child
domains of each other, were configured as multiple zones
on the existing platform. So here is what I have. Our
parent domain zz.com will remain on the existing domain.
Our two 2k domains are yy.zz.com and xx.yy.zz.com. I
really wanted two 2k servers to be authoritative for the
yy.zz.com domain and xx.yy.zz.com domain in a single zone,
but since they are separate zones in the existing
infrastructure they migrate over as separate zones. I
could try and modify the zone files manually, or my other
option seems to be to start from scratch on Windows 2000
after delegating authority for yy.zz.com and recreating
the Windows 2k records with netdiag /fix. This will fix
the SRV records, but my dynamic host records will have to
re-register. I have tried to test it out in our lab and
I get about half the workstations registering. I tried
ipconfig /registerdns but that does not seem to do the
trick. Any ideas would be helpful. I know this is long
and confusing, I'm sure.
 
1) Install DNS server(s) on your Windows 2000 machine(s).
2) Create and configure secondary DNS zones for the appropriate DNS domains on
these DNS servers. Configure the primary servers for these zones to allow
replication.
3) Once the zone transfer is successful, reconfigure the DNS servers hosting
the transferred zones so that the DNS server on the W2k machine is the primary
server (i.e. convert the zones to primary zones). Reconfigure the other DNS
servers to be secondary servers for these zones.
4) Once the other DNS servers are no longer needed, remove the secondary zones
for the appropriate DNS domains from them.

--
Dmitry Korolyov [[email protected]]
MVP: Windows Server - Active Directory

 
I understand how to migrate over the DNS zones. The
problem is that in the existing DNS server the zones are
divided up into multiple zones. For example, 2k.test.com
and child.2k.test.com. For whatever reason they made
the two zones separate. I would prefer it to be one zone
on a Windows 2000 domain controller. The first is an
empty root 2k domain and the child is our production 2k
domain. So when I make them secondary zones on the 2k
servers prior to changing to primary, I have two zones
that migrated over. The only way I can see to get one zone
is to start over and rebuild DNS with netdiag /fix. This
seems fine for the SRV records; I am just a little concerned
that some of the dynamic DNS records did not repopulate
even after forcing ipconfig /registerdns.




In addition to Dmitry's suggestions.....

If your child zones are being hosted by the child domain's respective DNS
servers, then you may want to use a delegation. You would delegate the child
zone from the parent (or root) DNS server to the DNS server hosting the
child zone. Then you would forward from the child DNS server to the parent
DNS server. Then forward to the ISP from the parent.

255248 - HOW TO Create a Child Domain in Active Directory and Delegate the
DNS Namespace to the Child Domain:
http://support.microsoft.com/?id=255248

The delegation will separate the zone data to their respective DNS server(s)
and may be what you're looking for. In addition, not sure if the child
domains are in another site, but this would add efficiency to the child
domain's DCs and clients so that sort of traffic doesn't traverse your WAN
links.




--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
In (e-mail address removed) <[email protected]>
posted a question
Then Kevin replied below:

The zz.com zone needs a delegation named "yy"; the delegation should point to
the Win2k DNS with the "yy.zz.com" zone.

The Win2k with the "yy.zz.com" zone needs a delegation named "xx" pointing
to the Win2k DNS with the "xx.yy.zz.com" zone.

On the Win2k with the "xx.yy.zz.com" zone you must set the forwarder to the
Win2k with the "yy.zz.com" zone and check the box "Do not use recursion".

On the Win2k with the "yy.zz.com" zone you must set the forwarder to the DNS
with the "zz.com" zone and check the box "Do not use recursion".

This will allow all DNS servers to resolve all domains in the hierarchy.
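
A small model of the layout described in the reply above, added here as an illustration and not part of any post in the thread: delegations carry a query down the tree, forwarders carry it up, and a missing delegation makes the child zone's names disappear for every server above it. The server names (dns-zz, dns-yy, dns-xx), host names and addresses are made-up sample data.

```python
import copy

# Constructed sample data: server names, host names and addresses are hypothetical.
SERVERS = {
    "dns-zz": {"zone": "zz.com", "forwarder": None,
               "records": {"www.zz.com": "10.0.0.10"},
               "delegations": {"yy.zz.com": "dns-yy"}},
    "dns-yy": {"zone": "yy.zz.com", "forwarder": "dns-zz",
               "records": {"dc1.yy.zz.com": "10.1.0.10"},
               "delegations": {"xx.yy.zz.com": "dns-xx"}},
    "dns-xx": {"zone": "xx.yy.zz.com", "forwarder": "dns-yy",
               "records": {"pc7.xx.yy.zz.com": "10.2.0.77"},
               "delegations": {}},
}

def in_zone(name, zone):
    return name == zone or name.endswith("." + zone)

def resolve(servers, start, name, max_hops=8):
    """Return (address or None, servers consulted in order)."""
    path, current = [], start
    for _ in range(max_hops):
        path.append(current)
        srv = servers[current]
        if in_zone(name, srv["zone"]):
            # Authoritative: follow a delegation if the name is below a zone cut.
            cut = next((c for c in srv["delegations"] if in_zone(name, c)), None)
            if cut is None:
                return srv["records"].get(name), path
            current = srv["delegations"][cut]
        elif srv["forwarder"]:
            # Not authoritative: forward up. "Do not use recursion" = no fallback.
            current = srv["forwarder"]
        else:
            return None, path
    return None, path

def unresolved(servers):
    """Every (server, name) pair that fails to resolve in this layout."""
    names = [n for s in servers.values() for n in s["records"]]
    return [(srv, n) for srv in servers for n in names
            if resolve(servers, srv, n)[0] is None]

def drop_delegation(servers, server, cut):
    """Copy of the layout with one delegation missing (the failure case)."""
    broken = copy.deepcopy(servers)
    del broken[server]["delegations"][cut]
    return broken
```

Calling `unresolved(SERVERS)` returns an empty list for the full layout, while `unresolved(drop_delegation(SERVERS, "dns-yy", "xx.yy.zz.com"))` lists the lookups that break when the "xx" delegation is left out.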
 