How do I Installing a backup DNS server?

[James W. Long]

Dear All

Happy New Year!

How do I install BACKUP DNS
on a W2k Server member DC?

our only DNS server is AD-Integrated

we want to install a backup DNS server on
a member dc.

Is there a cookbook procedure to make it
"backup" and then get zone transfers going
with the "primary" dns server?

Thank you in advance,
James W. Long

 

[Guest]

Does "W2k Server member DC" mean that this machine is actually a Domain
Controller in AD, or is it simply a Server joined to the AD domain to perform
some other functions such as File & Print (hence "member Server")?

If it is a DC, simply install DNS and configure it as Active-Directory
Integrated. One key advantage is that DNS zone transfers are handled as an
integral part of AD replication. So separate DNS administration is not
necessary.

On the other hand if it is only a member Server, install DNS and configure
it as Secondary DNS to the desired zones (on the AD-integrated DNS). Ensure
that zone transfer is permitted only to this new DNS Server if security is
important to your organization.

 

[James W. Long]

Dear Desmond:

Thank you for your help.

This machine is actually a Domain Controller in AD.

I assume I pick the active directory integrated option.

will my existing zones show right up
in the DNS MMC? same as it ever was.

And what about zone transfers,
that gets handled automatically by AD replication??
no primary-secondary zone xfer to configure?
(it makes sense)

and last, I think after I install DNS on this DC
I should reinstall svcpk4 and re-update from
MS windows update again, correct?

Anything else I should know or be aware of?

Thank you,
James W. Long

 

[Guest]

I assume I pick the active directory integrated option.

will my existing zones show right up
in the DNS MMC?

All AD-integrated DNS zones* will automatically show up in other Win 200x
DNS Servers that are part of the same AD domain. Others (primary or
secondary, non AD-integrated) will need to be manually (re)created.

And what about zone transfers,
that gets handled automatically by AD replication??
no primary-secondary zone xfer to configure?

Yes, except as noted in previous paragraph.

and last, I think after I install DNS on this DC
I should reinstall svcpk4 and re-update from
MS windows update again, correct?

No. Since Win 200x, Service Packs do not need to be explicitly reinstalled
when core OS components (such as DNS) are added, as in your case.
Nevertheless, any new patches and/or hotfixes will need to be applied as part
of standard patch management process.

Anything else I should know or be aware of?

Based on your initial inquiry, no. You are ready to go.

Do let us know if this helps. Happy New Year to you too!


* forward and reversed

 

[James W. Long]

Dear Desmond:

Thank you for all your advice!

I have one last question before I feel I am ready to install this
secondary DNS server.

Every time I install a DNS server it asks about forests and trees.
Evidently I can't see the forest for the trees because I am not sure
how to answer these questions. In the past I was fortunate to
get them to work but this is a different situration.

We already have a domain called corp.com where corp is representative
of our real domain name. I want to set up this secondary DNS server
so it serves in that same domain.

How do I answer those tree/forest/new forest questions?

Thank you in advance
James W. Long.

 

[Guest]

AD-integrated DNS Servers are all peers i.e. each is a primary DNS Server
where read and write operations are allowed.

A non-DC Win 200x Server (member server in domain) can be installed with DNS
services then a conventional secondary zone configured to your existing AD
DNS zone. In such a case, AD forest or tree is irrelevant.

If "corp.com" is the only AD / DNS domain in your organization, this implies
that there exists an AD forest (corp.com) that happens to have only a single
AD tree (corp.com).

Do let us know if this helps. Good luck!