[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 269
  • Last Modified:

DNS server deleted during DC demotion. No running DNS server on Domain. How do I rebuild?

I have 3  Win2003 servers.  I demoted my PDC so I could set it up with Exchange 2003.  It was also my DNS server.  The demotion went fine (well, maybe not) but the DNS deleted as well.  There are no longer any zones configured.  Active directory on my new PDC looks complete.  How do I rebuild my DNS?

0
srsdtech
Asked:
srsdtech
  • 6
  • 3
1 Solution
 
oBdACommented:
What exactly do you mean with "demoted my PDC" and "AD on my new PDC looks complete"? What was your setup (DNS, AD) before you demoted the machine, what is your current state now? What is the "final state" you want to have?
As to what happened: your zones were AD integrated, so they're only available if the DNS server is running AD as well.
0
 
srsdtechAuthor Commented:
I only had two real servers on the network.  The rest were in different states of rebuild and phase-out and have limited network functionality.  Fileserver and Netserver were both DCs with AD and global catalog (win2003).  Netserver had the 5 FSMO roles, timeserver role, and DNS.  I transferred the first 6 roles to fileserver and then removed active directory from netserver without intentionally changing DNS in any way.  After the demotion, I looked at my event logs to see how things went.  I had a bunch of 4015, 4000, and 4001 errors in DNS, so looked at my DNS to see what was happening.  There were no zones configured.  That brings you up to about 15 minutes ago.
0
 
srsdtechAuthor Commented:
Re "AD looks complete"

The AD now resides on fileserver, the only DC currently on the network.

There seemed to be fewer columns displayed for the objects than I remember, but all the entries were there and a spot check of records revealed that all the information appeared to be there as well.
0
Configuration Guide and Best Practices

Read the guide to learn how to orchestrate Data ONTAP, create application-consistent backups and enable fast recovery from NetApp storage snapshots. Version 9.5 also contains performance and scalability enhancements to meet the needs of the largest enterprise environments.

 
PberSolutions ArchitectCommented:
The original PDC you demoted probably had an Active Directory integrated DNS zone.  When you removed AD from the box, so went DNS as this is stored in AD.
If you want DNS to remain on this box, you will need to make it a secondary DNS server pointing to your new PDC.

0
 
srsdtechAuthor Commented:
Pber--that rings a bell.

Oops.

The problem is that was the only server running DNS.  Is it a big deal rebuilding my DNS from scratch on an existing domain?  I am researching that as I do this (this forum is part of my research) but have not settled on a course of action yet.
0
 
oBdACommented:
So no DNS on the new DC? That's bad. For the quickest resolution (assuming NewDC and all the other machines in your network are currently pointing to OldDC for DNS, and assuming you want DNS on NewDC from now on), create a new forward lookup zone for your AD domain on OldDC, enable dynamic updates for the zone. Allow zone transfers to NewDC.
On NewDC, open a command prompt and enter "ipconfig /registerdns", and restart the netlogon service. Run ipconfig /registerdns on any other vital server that needs to be resolved by your clients.
That should get you going again; the next steps don't need to happen immediately.
Install DNS on NewDC; create a secondary zone with OldDC as master. Let the zone replicate.
Change your clients to use NewDC as DNS server.
Change NewDC to use itself as DNS server, and finally change the zone type of the secondary zone on NewDC to primary and AD integrated.
Check if everything works OK, and delete the zones from OldDC.
0
 
srsdtechAuthor Commented:
Thanks, oBdA.  I'll start on that now and re-post as soon as I complete the steps.  
0
 
srsdtechAuthor Commented:
Wow.  Well, I started messing around and discovered DNS was up and running on the new PDC.  Apparently, it was installed as part of the demotion process of the old PDC. (?)

I feel a little foolish, but never thought to look there because I knew I had not intentionally installed DNS on the new PDC myself.

Before I close this, I will ask one more question.  The DNS is set up on the new DC as AD-integrated.  Will the old DC (which no longer runs AD) work okay as a backup DNS server, or should I remove the DNS role from the old DC and use my third server (which will have AD installed on it) as the backup DNS?

What I am actually asking is:  Is it best to run DNS on a server that runs AD?
0
 
oBdACommented:
Then you had the DNS service already installed on NewDC; that's the benefit of AD integrated zones.
Anyway, if you have another DC, then yes, it's best to run DNS on it as well. Keeping OldDC as DNS server would require to create a secondary zone on OldDC and replicate this the old-fashioned way. AD integrated zones have the big advantage (apart from secure updates) that each DNS server is SOA ad can write to the zone.
0
 
srsdtechAuthor Commented:
Thanks.  I'll remove DNS and set it up on the third server then.  Appreciate your prompt attention to this.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 6
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now