move primary DNS zone

  • Thread starter Thread starter chris blaeser
  • Start date Start date
C

chris blaeser

HOw do I move a primary DNS zone from a 2000 AD DC to member server?
Just setup DNS and create secondary zone on the member server and then
set it to primary or what..?

2nd related question: can I have an AD integrated DNS on member
server in a domain or does it have to be a DC in order to have AD
Integrated DNS?




thanks
 
In
chris blaeser in said:
HOw do I move a primary DNS zone from a 2000 AD DC to member server?
Just setup DNS and create secondary zone on the member server and then
set it to primary or what..?
Click to expand...

Yes. But if you continue to use the DC's DNS as an AD Integrated, you
shouldn't make the one on the member server a Primary, unless your
intentions are to remove DNS off the DC and not use it and only use DNS on
the new member server.
2nd related question: can I have an AD integrated DNS on member
server in a domain or does it have to be a DC in order to have AD
Integrated DNS?
Click to expand...

Option is only available on a DC. Curious, what are your intentions?


--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
 
Just verifying the steps on how to roll back or move the DNS config of
to a member server incase we have name resolution issues next week.

We have just today consolidated several internal name spaces that were
primary Dns under NT onto DC's running w2k3 as primary zones and will
make them AD integrated instead of primary but are not sure of any
hooks in the process and do not want to mess up production services
that once pointed to the original DNS server IP (when it was a primary
on a member server). If for some reason we have issue I will move the
primary back to the member servers off the DC, we have not made them
AD integrated yet.

thanks again
 
chris blaeser said:
HOw do I move a primary DNS zone from a 2000 AD DC to member server?
Just setup DNS and create secondary zone on the member server and then
set it to primary or what..?
Click to expand...

That works easiest for one zone (or a few.)
2nd related question: can I have an AD integrated DNS on member
server in a domain or does it have to be a DC in order to have AD
Integrated DNS?
Click to expand...

No. You can only run "AD integrated" DNS on a machine with
Active Directory.

You cannot mix a (internal) Primary with an (internal) AD Integrated
DNS zone. They will not replicate*.

*This rule is specifically broken for "shadow DNS" to STOP them
from replicating when you have a Primary for EXTERNAL DNS
(the world to resolve your resources) and another Primary or AD-set
internally for your clients.

Note: Shadow DNS is really TWO DNS zones that happen to share
the same name, and SOME limited records through manual (Admin)
replication.
 
thanks

That works easiest for one zone (or a few.)


No. You can only run "AD integrated" DNS on a machine with
Active Directory.

You cannot mix a (internal) Primary with an (internal) AD Integrated
DNS zone. They will not replicate*.

*This rule is specifically broken for "shadow DNS" to STOP them
from replicating when you have a Primary for EXTERNAL DNS
(the world to resolve your resources) and another Primary or AD-set
internally for your clients.

Note: Shadow DNS is really TWO DNS zones that happen to share
the same name, and SOME limited records through manual (Admin)
replication.
Click to expand...
 
In
chris blaeser in said:
Just verifying the steps on how to roll back or move the DNS config of
to a member server incase we have name resolution issues next week.

We have just today consolidated several internal name spaces that were
primary Dns under NT onto DC's running w2k3 as primary zones and will
make them AD integrated instead of primary but are not sure of any
hooks in the process and do not want to mess up production services
that once pointed to the original DNS server IP (when it was a primary
on a member server). If for some reason we have issue I will move the
primary back to the member servers off the DC, we have not made them
AD integrated yet.

thanks again
Click to expand...

Once you make the zone AD Integrated on your DCs (like I said that option is
only avail on a DC), then the zone "act" as a Primary zone for any Secondary
zones you may create elsewhere, if you need to. But you can't make any other
Primary zones, because all the AD Integ. zones act as a Primary. Make sense?

AD Integration just means that the zone is now stored in the AD database. It
will now follow the AD replication process. That's why you can install DNS
on another DC and when you create this zone, it will recognize it in the AD
database and will pulll the data from there and populate the screen. If you
make a change on either DC, it will show up automatically on the other.
There's no zone transfer mechanism with this type of zone. Its all based on
the AD replication process. Adv are that the zones are 'multimaster'. You
can make a change on any DC and all of them will see it. They also 'act' as
a Primary for any secondary zones. Cool stuff.

You shouldn't have any problems, but just make sure all your servers AND
your clients IP properties are changed to show the new DNS IP address. Make
sure DHCP Option 006 (assuming you use DHCP for your clients) is also
changed to show the new DNS IP address.


--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
 
thanks, pretty cool

In

Once you make the zone AD Integrated on your DCs (like I said that option is
only avail on a DC), then the zone "act" as a Primary zone for any Secondary
zones you may create elsewhere, if you need to. But you can't make any other
Primary zones, because all the AD Integ. zones act as a Primary. Make sense?

AD Integration just means that the zone is now stored in the AD database. It
will now follow the AD replication process. That's why you can install DNS
on another DC and when you create this zone, it will recognize it in the AD
database and will pulll the data from there and populate the screen. If you
make a change on either DC, it will show up automatically on the other.
There's no zone transfer mechanism with this type of zone. Its all based on
the AD replication process. Adv are that the zones are 'multimaster'. You
can make a change on any DC and all of them will see it. They also 'act' as
a Primary for any secondary zones. Cool stuff.

You shouldn't have any problems, but just make sure all your servers AND
your clients IP properties are changed to show the new DNS IP address. Make
sure DHCP Option 006 (assuming you use DHCP for your clients) is also
changed to show the new DNS IP address.


--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
Click to expand...
 
In
chris blaeser in said:
thanks, pretty cool
Click to expand...

No prob, hope it helped.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
 
Back
Top