Solved

DNS on windows 2003 server

Posted on 2007-04-06
6
185 Views
Last Modified: 2010-04-18
I am in the process of transferring my domain onto a new Windows 2003 server, currently the domain controller is a Windows 2000 advanced server.

I have already run 'forestprep' & 'domainprep' on the Win2k advanced server.
Also added the Windows 2003 server as a member server.
Added DNS on the Windows 2003 server.

My query is ... should i configure the 'Forward lookup zone' on the windows 2003 server or just leave it blank?

After i do this .... i will run the FSMO role transfer from Win2k server to Windows 2003.

Please advise about DNS configuration if anything is required.
0
Comment
Question by:Fadal
  • 3
  • 3
6 Comments
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 500 total points
ID: 18864303
If I'm understanding you, you're trying to configure a DNS server on a 2K3 server that you intend to promote to domain controller status, yes?

If your DNS zone on the 2K server is AD-integrated, you don't need to take any actions to transfer the zone - it will automatically replicate to the 2K3 server after you run dcpromo on it.

If you are using standard primary and secondary zones, you'll need to manually configure a secondary zone on the 2K3 server and then change its designation to primary when you're ready to either retire the 2K server or change its zone to a secondary zone.

Be sure you've followed the steps listed in this KB before introducing the first 2K3 DC in your environment: http://support.microsoft.com/kb/325379

Hope this helps.

Laura E. Hunter - Microsoft MVP: Windows Server - Networking
0
 

Author Comment

by:Fadal
ID: 18864465
Laura,

Yes, I'm trying to configure a DNS server on a 2K3 server that i intend to promote to domain controller status.

How do i check if DNS zone on the 2K server is AD-integrated,?

Regards,
Pete
0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 18864492
Right-click on the zone and select Properties. The General tab will tell you whether it is a standard zone or whether it is AD-integrated.
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 

Author Comment

by:Fadal
ID: 18864633
Laura,

The forward looking zone for my domain shows 'Active directory integrated' on the general tab.

So nothing to do for DNS on the Win2k3 server ... right?

And then i run DCpromo on the Win2k3 server & add it as a secondary server before i transfer the FSMO roles?

Please advise any other steps required.

Regards,
Pete
0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 18864664
If your DNS zones are AD-integrated, DNS data will automatically replicate to the new DC when you run dcpromo, having followed the preparatory steps listed in the KB article I gave you earlier.  

You will add the 2K3 server as an additional domain controller in an existing domain - Active Directory doesn't have a notion of primary or secondary DCs.

Once the new DC is in place, you will need to update your client workstations with the IP address of the 2K3 server so that they can use it for DNS name resolution.
0
 

Author Comment

by:Fadal
ID: 18864824
Thanks Laura
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

713 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question