I am setting up a remote site that will be under the same domain umbrella. This environment is a Windows 2003 Server. I have the AD replicated and now I am doing the DNS server. Do I want to make this DNS run off the local server or the parent domain server?
Pete Long (Technical Consultant) commented:
Hi dtooth71,
Make the DNS Active Directory integrated, then it will replicate with the AD traffic, then just point your clients (or servers) at the NEAREST server running DNS.

dtooth71 (Author) commented:
So if my parent domain is at site 1, I would want to make the DNS at site 2 run off site one DNS and then point all the clients at site 2 to site one?

Let's say the VPN between the sites would fail. With the DNS pointing to site 1, what effect would this have on site 2?

I agree with PeteLong, if you want the DNS server to automatically replicate with the AD then set it up as an AD Integrated DNS. If you don't have any other AD Integrated DNS server(s) then you may want to set it up as a secondary DNS server if you want it to replicate with a primary DNS server. Otherwise if you don't want it to interact at all with the other DNS server(s) then make it a primary.

adamdrayer commented:
You should normally make all Domain Controllers "Active Directory-Integrated", no matter if they are over WANs or not. If you require an alternative setup, then you should probably seek professional assistance. All clients at site 2 should point to site 2 for DNS. This is the point of Windows 2000/2003 Domain Controllers and AD-Integrated DNS. Except for a few Operations roles, all Domain Controllers are equal with none being more important than the other. Active Directory-Integrated DNS has a multitude of advantages including Multi-master replication. Although you only have 2 DCs, if you had more, you would have to wait for one to replicate to another, and then that one to replicate to a third one, etc...

Yes, bond yourself to the ongoing dependency for Microsoft. Just as Microsoft failed in its attempt to deploy WINS as the dominant naming system for the internet, now let's change all that has worked well for other operating systems and include some sort of Active Directory-Integrated DNS server. Although probably 95% of the public DNS servers on the internet are run on a non-Microsoft OS, why not bind yourself into such a dependency.

The choice is if you are a Microsoft only environment and don't mind adding extra overhead to your network bandwidth and server process go ahead and use the AD integrated, otherwise you may want to explore your other options.

This is the Microsoft Networking Topic Area. If you have personal grievances against Microsoft, I suggest you don't frequent this topic area. Such remarks are considered inflammatory. Please try and post constructive comments that are specific and helpful to the questioner's inquiry.

In my experience, people who are anti-Microsoft are simply misinformed and under-experienced. "Probably 95%"? If you don't know, why make up statistics? Besides, this person is not running a public DNS. There are environments in which certain systems are more beneficial than others. If you cannot see the good in any particular system, it is probably because you lack the industry experience needed.

My only point is that the Microsoft only solution may not be the best thing for Microsoft Operating Systems. I see no reason in using Active Directory-integrated unless you want to replicate with a remote active directory server and have another Active Directory-Integrated DNS server. Being a remote location the administrator may not want the records from a remote DNS server, in that case an Active Directory-Integrated solution would not be the way to go.

As for the remark "you should normally make all Domain Controllers "Active Directory-Integrated", there has been no information stated that the parent DNS server is an AD Integrated DNS server.

And the remark "all Domain Controllers are equal with none being more important than the other" does not apply for a mixed mode environment.

And I apologize for my "Probably 95%" remark. You're right, according to the survey of 37,000,000+ domains Microsoft has 6.237% of the market. Sorry for my 1.237% miscalculation.

source: http://mydns.bboy.net/survey/

Well my point was that he's already got AD replicating and both sites are under the same domain, so setting both DNS servers to AD Integrated would be all the configuring needed, and there would be almost no added overhead. He might not want DNS records from a remote network, but given that these machines are on the same domain and most likely not public, then not to want them should be a relatively important security policy that he would have been aware of and stated at the top.

For people not used to working with DNS, AD takes care of a lot for you. If you are not familiar with DNS and are looking to implement anything else, you should consult a professional.

I said "except for a few operations roles, all Domain Controllers are equal with none being more important than the other"; the only difference between win2k DCs are the operations roles. The PDC is an operations role and although its functionality varies depending on whether you are running mixed-mode or native, for DNS purposes, it does not matter.

You stated "Although probably 95% of the public DNS servers on the internet are ran on a non-Microsoft OS". According to your own survey that you quoted, ~95% of domains are run on BIND. But we weren't talking about number of domains, we were talking about OSes and according to the same survey, 21.7% of the installations were Microsoft DNS. Besides, I said that this person is not running a public DNS server, so a survey of what the big guys are using doesn't really apply.