Solved

Setting up DNS on additional domain controller

Posted on 2006-06-12
8
294 Views
Last Modified: 2008-03-10
I have 3 locations and have setup additional domain controllers at the remote sites to keep some of the traffic to a minimum over the WAN link.  I have followed the instructions on my previous post http://www.experts-exchange.com/Operating_Systems/Windows_Server_2003/Q_21828243.html but still a little confused on how the DNS works.  I have promoted the new server in the subnet of the remote location and setup the new site in Sites and Services.  Will all authentication now occur locally on that subnet?  I also installed DNS on the new server but didnt know  if I needed to setup a new Forward Lookup Zone or replicate from the domain controller at the other site?  Is there a setting I need to change on the DNS server at the main site?  Please help.
0
Comment
Question by:cjewett
  • 3
  • 3
8 Comments
 

Author Comment

by:cjewett
Comment Utility
I think I may have found the answer to my own question in Microsoft KB 816518.  Dont know if thats the correct answer or not just updating everyone.
0
 
LVL 51

Expert Comment

by:Netman66
Comment Utility
Yes, authentication will occur locally if you setup a site and associated the subnet for that site to it.

On the main site, make sure the zones are AD Integrated.  That's all.
When DNS is installed on another DC it will automatically create and populate the zones from the main site.

No other work on this is required other than creating the Reverse Lookup zone for the new subnet.  This only needs to be done on one DNS server then replication will take care of the rest.

If you do not see any zones building up on the remote site then there is something wrong with the communication between it and the main site.

Let us know.
0
 

Author Comment

by:cjewett
Comment Utility
I have talked with one of my peers and they said that configuring this additional domain controller as a Secondary Name Server was not the proper way to do this (Which I think you are saying as well).  According to him you should just be able to install DNS and it will replicate from the other DC.  When I install DNS on this DC all the reverse lookup appear but not the forward lookup zones.  I reversed the changes I made in the KB article and uninstalled and reinstalled DNS on the second DC, made sure the the zones are AD integrated on the primary but they still dont populate.  So I dont have to add a forward lookup zone on the secondary?  Dont know what Im doing wrong.
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 51

Expert Comment

by:Netman66
Comment Utility
Is replication working properly?

It takes a little while if it's in a remote site.

0
 

Author Comment

by:cjewett
Comment Utility
I rebooted the remote server and they finally appeared.  After the reboot I was getting Event ID 5774 several times.  I did a little research and ended up adding the primary DC IP in the seconday DNS on this server and rebooted to test and the message went away.  Is this normal to have to add the IP of the primary DC in the secondary DNS?
0
 
LVL 51

Accepted Solution

by:
Netman66 earned 500 total points
Comment Utility
Normally you would, yes.  Your new server would throw a few errors until it had all the records - thus the secondary would be used in the meantime.

0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now