How do I add a windows 2003 domain controller to non domain windows 2003 DNS server?

Azhrei1 used Ask the Experts™
Dear experts,

I'm migrating from Novell 5.0 to Windows 2003 Active Directory.

All my workstations are currently using a windows 2003 DNS, not in a domain.

I've installed a new server with windows 2003, ran dcpromo, and installed Exchange 2003 on it, all works perfectly.

1. How do I join my existing workstations to the domain, using the old DNS server? Do I add the server to the domain? Cuz atm the workstations will report they can't find the domain controller (dns server has no domain controller srv record).

2. The old DNS server is also functioning as nameserver for 3 websites, and this company has 3 seperate locations.

Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
tigermattSite Reliability Engineer
Most Valuable Expert 2011

You can manually add an A record for your domain controller by opening the DNS applet in Administrative Tools, select Forward Lookup Zones, your internal domain name of your DC, right-click on a blank space in the main panel, "New Host (A)", in the dialog box type the name of the DC. The next greyed out box should have the FQDN, i.e. the name you just typed with the forward lookup zone suffix appended to it. THen in the last box type the IP address of the DC. Ensure the option to create a PTR record is ticked then OK out.

If you run nslookup from a client or the DC itself assuming they're all querying the old DNS server and then type the DC's name you should get the A record you just made with the IP address of the DC.

Hope this helps
1) point all workstations to the new Windows 2003 domain controller IP address for DNS resolution.

2) Forward your Windows 2003 domain controller DNS server to your existing DNS server

In the DNS  console, right click your server name and choose properties from the drop down box.  Click the forwarders tab.  Enter the IP address of your old DNs server here.

check resolution...
Is the new 2K3 domain a different domain than the 2K3 DNS is set up to provide?

I know "hindsight is 20/20" but wouldn't it have made more sense to dcpromo the 2K3 server you already had, to start your forest with the existing DNS, and then add the Ex server to it - especially since it's not recommended to have your forest root controller also running Ex?

Anyway, is it a different domain - like as in the zone the DNS server is servicing is and you made the forest domain mycompany.lan?

Why not have the new DNS service on your forest first in the DNS search sequence on the client PC's, or maybe the only one - and forward other requests from the forest DNS server to the standalone DNS server?

What's providing DHCP?  Ideally, you want both DHCP and DNS provided by a DC in your forest, so you can have DDNS for your client PCs before they join the domain.
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!


Hi, thanks all for your quick answers!

1. We don't use DHCP, all clients have a manually allocated IP, which is also in our helpdesk database

2. The old, primary W2K3 DNS server is not in the domain, and does not have the hardware to become a domain controller, it's a low budget I have to work with here, which is also why the new server has to be DC and EX at the same time. (and also serving as fileserver). Lucky there are not many concurrent users.

3. tigermatt, adding an A-record does not seem to allow clients to find the domain controller, since it's not an SRV record.

4. NJComputerNetworks, I do not want to use my domain controller as primary DNS, only as a last resort if you guys convince me it's the best way to fix this.

I hope you'll all be able to help me soon :)


can't i just make the DNS servers synchronise every few minutes without putting the old DNS in my domain? :)
Your domain controller should be primary DNS for the internal network for best results.  If you have the external network served by the non-Domain server's DNS, as you say, you could still set things up so the AD DNS server forwards non-zone requests to the non-Domain server (and set up a zone transfer scheme if you have the unfortunate circumstance of not using a "private zone" for AD.)

As has been mentioned, AD requires its DNS to have SRV records.  If you didn't initially set up the AD server to use the non-member server's DNS as its DNS service (which would be a reason why it has no SRV records) then you should keep them separate but change things so your internal clients look to the AD DNS first, which, as I suggest, should then forward any non-zone requests to the other DNS server.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial