Solved

Setting up DNS on additional domain controller

Posted on 2006-06-12
Last Modified: 2008-03-10
I have 3 locations and have set up additional domain controllers at the remote sites to keep some of the traffic to a minimum over the WAN link. I have followed the instructions on my previous post http://www.experts-exchange.com/Operating_Systems/Windows_Server_2003/Q_21828243.html but am still a little confused on how the DNS works. I have promoted the new server in the subnet of the remote location and set up the new site in Sites and Services. Will all authentication now occur locally on that subnet? I also installed DNS on the new server but didn't know if I needed to set up a new Forward Lookup Zone or replicate from the domain controller at the other site. Is there a setting I need to change on the DNS server at the main site? Please help.
Question by:cjewett

Author Comment

by:cjewett
ID: 16889860
I think I may have found the answer to my own question in Microsoft KB 816518. Don't know if that's the correct answer or not, just updating everyone.
LVL 51

Expert Comment

by:Netman66
ID: 16889968
Yes, authentication will occur locally if you set up a site and associated the subnet for that site to it.

On the main site, make sure the zones are AD Integrated.  That's all.
When DNS is installed on another DC it will automatically create and populate the zones from the main site.

No other work on this is required other than creating the Reverse Lookup zone for the new subnet.  This only needs to be done on one DNS server then replication will take care of the rest.

If you do not see any zones building up on the remote site then there is something wrong with the communication between it and the main site.

Let us know.

Author Comment

by:cjewett
ID: 16894681
I have talked with one of my peers and they said that configuring this additional domain controller as a Secondary Name Server was not the proper way to do this (which I think you are saying as well). According to him you should just be able to install DNS and it will replicate from the other DC. When I install DNS on this DC all the reverse lookup zones appear but not the forward lookup zones. I reversed the changes I made in the KB article and uninstalled and reinstalled DNS on the second DC, made sure the zones are AD integrated on the primary, but they still don't populate. So I don't have to add a forward lookup zone on the secondary? Don't know what I'm doing wrong.
LVL 51

Expert Comment

by:Netman66
ID: 16894863
Is replication working properly?

It takes a little while if it's in a remote site.


Author Comment

by:cjewett
ID: 16895615
I rebooted the remote server and they finally appeared. After the reboot I was getting Event ID 5774 several times. I did a little research and ended up adding the primary DC IP in the secondary DNS on this server and rebooted to test, and the message went away. Is it normal to have to add the IP of the primary DC in the secondary DNS?
LVL 51

Accepted Solution

by:
Netman66 earned 500 total points
ID: 16896000
Normally you would, yes.  Your new server would throw a few errors until it had all the records - thus the secondary would be used in the meantime.
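
The checks discussed in this thread (zones AD-integrated on the main site, zones present on the remote DC, the main-site DC listed as a DNS server on the remote DC, Event ID 5774), gathered into one PowerShell function as an added example that is not part of the original thread. It assumes the DnsServer and DnsClient modules (Windows Server 2012 or later, newer than the Windows Server 2003 systems discussed here); the function name, server names and IP address are hypothetical.

```powershell
# Added example, not from the thread. Assumes the DnsServer and DnsClient modules
# (Windows Server 2012 or later, or RSAT) and rights to query both DCs remotely.
function Test-BranchDcDns {
    param(
        [Parameter(Mandatory)] [string] $MainDc,    # DC/DNS server at the main site
        [Parameter(Mandatory)] [string] $MainDcIp,  # its IPv4 address
        [Parameter(Mandatory)] [string] $RemoteDc   # new DC at the remote site
    )

    # Zones the main site is authoritative for, skipping the auto-created
    # 0/127/255.in-addr.arpa zones every DNS server has.
    $mainZones = @(Get-DnsServerZone -ComputerName $MainDc |
        Where-Object { -not $_.IsAutoCreated -and $_.ZoneType -eq 'Primary' })

    # File-backed zones never replicate through Active Directory.
    $notIntegrated = @($mainZones | Where-Object { -not $_.IsDsIntegrated } |
        Select-Object -ExpandProperty ZoneName)

    # AD-integrated zones that have not appeared on the remote DC yet.
    $remoteNames = @(Get-DnsServerZone -ComputerName $RemoteDc |
        Select-Object -ExpandProperty ZoneName)
    $missing = @($mainZones |
        Where-Object { $_.IsDsIntegrated -and $_.ZoneName -notin $remoteNames } |
        Select-Object -ExpandProperty ZoneName)

    # DNS servers configured on the remote DC's own network adapters.
    $resolvers = @(Get-DnsClientServerAddress -CimSession $RemoteDc -AddressFamily IPv4 |
        ForEach-Object { $_.ServerAddresses } | Select-Object -Unique)

    # Event ID 5774 entries in the System log over the last 24 hours.
    $filter = @{ LogName = 'System'; Id = 5774; StartTime = (Get-Date).AddDays(-1) }
    $events = @(Get-WinEvent -ComputerName $RemoteDc -FilterHashtable $filter -ErrorAction SilentlyContinue)

    [pscustomobject]@{
        ZonesNotAdIntegrated   = $notIntegrated
        ZonesMissingOnRemote   = $missing
        RemoteDcDnsServers     = $resolvers
        MainDcListedAsResolver = $resolvers -contains $MainDcIp
        Event5774Last24h       = $events.Count
    }
}

# Hypothetical names and address, for illustration only:
# Test-BranchDcDns -MainDc 'dc1.example.local' -MainDcIp '192.0.2.10' -RemoteDc 'dc2.example.local'
```

An empty `ZonesMissingOnRemote` together with a zero `Event5774Last24h` corresponds to the state the thread ends in; a non-empty `ZonesNotAdIntegrated` means those zones will not replicate to the new DC on their own.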
