Secondary DNS

  • Thread starter Thread starter genghiz
  • Start date Start date
G

genghiz

Hello everybody:

Here is the scenario, I have two domain controllers, one has primary, and
the other has secondary DNS on it. Now I am trying to setup a DNS server in
a remote location for disaster recovery. This server will be in the same
domain as the other DCs. Currently the DNS is AD integrated.

My question:
What is the best configuration for the DNS in the remote site? Can this
server be turned into Primary DNS in case of a diaster?

Thanks
 
Hello genghiz,

In a domain use AD integrated zones, so all DC/DNS will have the complete
DNS zones during AD replication available and the zones are on any DC/DNS
server writable, instead with a secondary DNS server, that is read-only.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
 
In
Hello everybody:

Here is the scenario, I have two domain controllers, one has primary,
and the other has secondary DNS on it. Now I am trying to setup a DNS
server in a remote location for disaster recovery. This server will
be in the same domain as the other DCs. Currently the DNS is AD
integrated.
My question:
What is the best configuration for the DNS in the remote site? Can
this server be turned into Primary DNS in case of a diaster?

Thanks
Click to expand...

You are saying you currently have a Primary zone on one of your DCs, and a
Secondary zone on the other DC, but you are implying the zone is currently
AD Integrated.

This scenario would cause a conflict. Why? Because an AD integrated zone
means the data is stored in AD. It gets replicated to respective DCs based
on the replication scope (properties of the zone). If a zone's scope is set
to All DNS Servers in the Domain," then all DCs in the domain have a copy of
the zone. If set to the Forest, then all DCs in the forest have a copy. If
you create a Secondary zone of the same zone on another DC in the domain, it
will create a duplicate condition on the DC and the DC would promptly delete
it.

AD Integrated zones are ALL Primary zones. This is because the database is
shared among DCs with AD integration. They follow a Milti-Master model. They
are all authorative for the zone. They can all accept updates and changes,
which get replicated to other DC/DNS servers.

So in your case, if Iwere to assume the terminology is skewed and they truly
are AD integrated (no secondaries), then you can safely just install DNS on
that third server, and walk away. Do not manually create the zone. If the
zone is truly AD integrated, it will automatically appear within a half
hour. If you try to manually create it, another dupe situation will arise.
but this time in the AD database, which will cause major issues and is not
so easy to clean up.

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSA Messaging, MCT
Microsoft Certified Trainer
(e-mail address removed)

For urgent issues, you may want to contact Microsoft PSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
 
genghiz said:
Meinolf and Ace thanks for you time, appreciate your input.
Click to expand...

I was hoping to hear back elaborating a bit on my questions to offer
specific help based on your scenario.

I just hope we were helpful enough to guide you in your goals.

Ace
 
Back
Top