Solved

Installing/Configuring a new DNS server

Posted on 2007-03-30
Last Modified: 2010-04-18
I have a domain controller that I need to demote. I have built a new DC and I have installed DNS, but it's not configured. Looking at the properties of the DC that I want to demote, I see settings that I don't see on the DC that does not have DNS configured (makes sense). Looking at the properties of my Forward lookup zone on the DC that I need to demote, I see that this is AD integrated and that the zone is set up to replicate to all of the domain controllers in the domain (again, that makes sense). Dynamic updates are set to secure and nonsecure (Microsoft Default), and it seems like each DC (I also have 2 W2K DCs that will be demoted as well) is its own SOA server.

After that long description, my question is about the configuration of DNS on my newest DC. If I go to the dnsmgmt.msc and select "action"->"Configure a DNS server", it brings up a wizard and I don't want to complete the wizard if I'm going to mess something up. I'm new to setting up DNS and I want to make sure that I don't do something that will mess up my internal name space.

BTW, our site is hosted off site, so my namespace is used to resolve internal addresses and requests are forwarded to our host. (At least in theory I think that's how it's set up).

I'm also interested in how the forwarders should be set up. I assume the forwarders are servers on my network that direct internet traffic to the name servers at my site host.

Please explain this to me like I'm a "4 year old".

Thanks for the reply!!
Question by:punchie123
Accepted Solution

by:
Sorenson earned 2000 total points
ID: 18823764
Was DNS installed before the server had dcpromo run?  If so, uninstall DNS, and reinstall.  It should automatically get the AD zone when it replicates with the other DCs.

Forwarders are the reference point for DNS lookups.  The client looks to a DNS server, if the DNS server has the domain (locally) it responds to the query, if it does not have the domain, it looks to a forwarder for an answer.  Forwarders are used to control the "path" that DNS queries take when looking for responses.  This allows admins to control where responses come from, and is important when internal and external DNS are used (keep internal clients from getting external addresses for resources, etc).

hope that helps.

Author Comment

by:punchie123
ID: 18823928
Yes, DNS was installed before DCpromo was run. Funny you ask that question, because I was confused with this rule "DNS needs to be installed before AD can be installed on a server". I took that to be a literal statement in the terms that DNS needed to be installed on that server in order for AD to be installed. To further clarify, I thought it was "server specific" instead of "domain specific".

In short, DNS was configured before I ran dcpromo on the latest DC. The zones seemed to have transferred to the new DC as well (pretty quickly I might add), but the DC that I want to decommission still has the root hints and the listing for the forwarders in the domain. How do I move that to the new DC or will that info be transferred automatically?

Expert Comment

by:Sorenson
ID: 18824058
The forwarders will need to be set manually, they are server specific.

Any active-directory integrated zone is stored within the AD database, and would be domain specific, however it requires the DNS service installed to be "seen" on that DC.  If DNS is installed before the server is DCPromo'd it seems to lose its AD integration, uninstalling and reinstalling puts it back.
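
The pre-demotion check this thread describes, as an added example that is not part of the original posts: copy the server-specific forwarders from the old DC to the new one, then confirm that every AD-integrated zone is visible on the new DC and report its dynamic update setting. It assumes the DnsServer PowerShell module (Windows Server 2012 or later, or RSAT), which postdates this thread; both server names are hypothetical placeholders.

```powershell
# Added example, not from the original thread. Server names are placeholders.
Import-Module DnsServer
$OldDc = 'OLD-DC01'   # DC that will be demoted (hypothetical name)
$NewDc = 'NEW-DC01'   # replacement DC (hypothetical name)

# Forwarders are stored per server, so they do not replicate with the zone.
$old = Get-DnsServerForwarder -ComputerName $OldDc
$new = Get-DnsServerForwarder -ComputerName $NewDc
$oldIps = @($old.IPAddress | ForEach-Object { "$_" })
$newIps = @($new.IPAddress | ForEach-Object { "$_" })
$missing = @($oldIps | Where-Object { $_ -notin $newIps })

if ($oldIps.Count -eq 0) {
    Write-Output "$OldDc has no forwarders configured; nothing to copy."
} elseif ($missing.Count -gt 0) {
    Write-Output "Copying forwarders to ${NewDc}: $($oldIps -join ', ')"
    # Replaces the forwarder list on the new DC with the old DC's list.
    Set-DnsServerForwarder -ComputerName $NewDc -IPAddress $oldIps `
        -UseRootHint $old.UseRootHint -Timeout $old.Timeout
} else {
    Write-Output "$NewDc already has every forwarder that $OldDc uses."
}

# AD-integrated zones live in the directory; the new DC should list them
# once replication has completed and the DNS service is installed.
$newZones = @(Get-DnsServerZone -ComputerName $NewDc |
    Select-Object -ExpandProperty ZoneName)

Get-DnsServerZone -ComputerName $OldDc |
    Where-Object { $_.IsDsIntegrated -and -not $_.IsAutoCreated } |
    ForEach-Object {
        [pscustomobject]@{
            Zone             = $_.ZoneName
            ReplicationScope = $_.ReplicationScope
            # 'NonsecureAndSecure' is the "secure and nonsecure" setting
            # from the question; 'Secure' accepts updates only from
            # authenticated domain members.
            DynamicUpdate    = $_.DynamicUpdate
            PresentOnNewDc   = $_.ZoneName -in $newZones
        }
    } | Format-Table -AutoSize
```

Any zone reported with `PresentOnNewDc` as `False` should be resolved before the old DC is demoted.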