Solved

Windows 2003 AD DNS best practices

Posted on 2004-08-25
3
1,517 Views
Last Modified: 2013-12-19
We are days away from upgrading our domain to a Windows 2003 Active Directory.  This is how I propose to perform the upgrade

We have the following scenario

1 X NT4 PDC
1 x NT4 BDC

1 x Windows 2003 Server which hosts Pri DNS and which will be the eventual main DC, FSMO master
1 x Windows 2003 Server which hosts Sec DNS and which will be the second DC

I have already created the neccesary zones, namely,
_msdcs.mycompany.co.uk
 _sites.mycompany.co.uk
_tcp.mycompany.co.uk
_udp.mycompany.co.uk
ForestDNSZones.mycompany.co.uk
DomainDNSZones.mycompany.co.uk

all zones support dynamic updates

So, when I upgrade our PDC, DNS setup will complete without a hitch using the existing DNS server.  I will then run dcpromo on the Pri DNS once I am happy with the upgrade.

Anyway, this is my question.  The zones above are all Standard Primary on the Pri DNS server with the Sec DNS Server listed as additional nameserver.  Should I

1) Set up secondary zones on the Sec DNS server then once I have promoted both servers to DCs change the zone types to AD Integrated
2) Leave the zones just residing on the Pri DNS server.  Then, once I have promoted the first server, change the zone type to AD integrated and then promote the second.

I know it probably seems like a very subtle distinction, but I would appreciate some input.
0
Comment
Question by:hstiles
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 23

Assisted Solution

by:rhandels
rhandels earned 50 total points
ID: 11893304
Hi,

I would say use the second option, this will make your live easier. If the first DNS server works and you make it AD integrated, then you're sure the second will also work (because of AD integration). If something goes awire on you in option 1, you have a big problem..

Only thing to take into account (not sure if this is necesarry though), i would delete the secondary DNS zone from the other DC, else you might get conflicts because it has a secondary zone and needs to be AD integrated..
0
 
LVL 37

Accepted Solution

by:
bbao earned 75 total points
ID: 11898639
agree with rhandels.

FYI, the OFFICIAL bast practice, hehe :)

Best Practice Active Directory Design for Managing Windows Networks
http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/plan/bpaddsgn.mspx

Best Practice Methods for Windows 2000 Domain Controller Setup
http://support.microsoft.com/?id=kb;en-us;216899

hope it helps,
bbao
0
 
LVL 13

Author Comment

by:hstiles
ID: 11988961
Extra point sfor bbao for those handy links
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
An article on effective troubleshooting
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question