Solved

Setting up DNS on additional domain controller

Posted on 2006-06-12
8
298 Views
Last Modified: 2008-03-10
I have 3 locations and have setup additional domain controllers at the remote sites to keep some of the traffic to a minimum over the WAN link.  I have followed the instructions on my previous post http://www.experts-exchange.com/Operating_Systems/Windows_Server_2003/Q_21828243.html but still a little confused on how the DNS works.  I have promoted the new server in the subnet of the remote location and setup the new site in Sites and Services.  Will all authentication now occur locally on that subnet?  I also installed DNS on the new server but didnt know  if I needed to setup a new Forward Lookup Zone or replicate from the domain controller at the other site?  Is there a setting I need to change on the DNS server at the main site?  Please help.
0
Comment
Question by:cjewett
  • 3
  • 3
8 Comments
 

Author Comment

by:cjewett
ID: 16889860
I think I may have found the answer to my own question in Microsoft KB 816518.  Dont know if thats the correct answer or not just updating everyone.
0
 
LVL 51

Expert Comment

by:Netman66
ID: 16889968
Yes, authentication will occur locally if you setup a site and associated the subnet for that site to it.

On the main site, make sure the zones are AD Integrated.  That's all.
When DNS is installed on another DC it will automatically create and populate the zones from the main site.

No other work on this is required other than creating the Reverse Lookup zone for the new subnet.  This only needs to be done on one DNS server then replication will take care of the rest.

If you do not see any zones building up on the remote site then there is something wrong with the communication between it and the main site.

Let us know.
0
 

Author Comment

by:cjewett
ID: 16894681
I have talked with one of my peers and they said that configuring this additional domain controller as a Secondary Name Server was not the proper way to do this (Which I think you are saying as well).  According to him you should just be able to install DNS and it will replicate from the other DC.  When I install DNS on this DC all the reverse lookup appear but not the forward lookup zones.  I reversed the changes I made in the KB article and uninstalled and reinstalled DNS on the second DC, made sure the the zones are AD integrated on the primary but they still dont populate.  So I dont have to add a forward lookup zone on the secondary?  Dont know what Im doing wrong.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 51

Expert Comment

by:Netman66
ID: 16894863
Is replication working properly?

It takes a little while if it's in a remote site.

0
 

Author Comment

by:cjewett
ID: 16895615
I rebooted the remote server and they finally appeared.  After the reboot I was getting Event ID 5774 several times.  I did a little research and ended up adding the primary DC IP in the seconday DNS on this server and rebooted to test and the message went away.  Is this normal to have to add the IP of the primary DC in the secondary DNS?
0
 
LVL 51

Accepted Solution

by:
Netman66 earned 500 total points
ID: 16896000
Normally you would, yes.  Your new server would throw a few errors until it had all the records - thus the secondary would be used in the meantime.

0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question