• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1695
  • Last Modified:

How to configure redundant Microsoft DNS servers

I need to add a second DNS server for redundancy. I currently have an active directory domain, with one of the DC's running DNS services. I would like to add DNS to my second DC so that both can act as DNS servers.

Can anyone guide me in this area?

4 Solutions
Chris DentPowerShell DeveloperCommented:

Hi there,

It's nice an easy :)

Install the DNS Service on the Second DC. Allow 15 - 20 minutes for Replication to occur, then you should see all Zones you have configured as Active Directory Integrated.

Then just point all your clients and servers to it.

If your DNS server is DC with DNS service active integrated in AD, you can promote a second server to DC (previously add DNS server in Add/remove programs). Configure your new DNS server from DNS MMC, you only need to mark integrate with Act1ve Directory after define a new zone.
Then, the data of DNS AD will br copied to your new server.
Remember to change your workstations in order to use your new DNS server.
If your DNS zones are Active Directory-integrated, simply install the DNS server service onto your 2nd DC and Active Directory will automatically replicate DNS data to the 2nd DC.  Your only action at that point will be to configure your clients and member servers to use the IP address of the 2nd DC as a secondary IP address - if you are handing out IP addresses using DHCP, this can be done centrally on your DHCP scope and you're done.
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

Brian PiercePhotographerCommented:
Just to clarify (I hope)

Install DNS on the second domain controller (DNS will replicate automatically if you are using Active Directory Integrated DNS)

The domain controllers should each point to themselves as their own Preferred DNS Server
The domain controllers should point to each other as the Alternate DNS Server

Clients should have one DNS server set and their Preferred DNS server and the other DNS sever as their Alternate DNS server - this may be set via the TCP/IP properties or with DHCP options.

Its also not a bad idea to make sure both DCs are global catalog servers - go to Administrative Tools, Active Directory Sites and Services, Expand, Sites, Default first site and Servers. Right click on the new server and select properties and tick the Global Catalog checkbox. (Global catalog is essential for logon as it needs to be queried to establish Universal Group Membership)
For fine adjust only:
MS says that DNS server should only point to themselve, no another DNS server need to be specified, because a deadlock in DNS resolution can occurs.
Hello again,

Do you have a good result in your topology?

Don't hesitate contact again.

Brian PiercePhotographerCommented:
The process is as follows:
Install Windows 2003 on the new machine

Assign the new computer an IP address and subnet mask on the existing network
Make sure that the preferred DNS server on new machine points to the existing DNS Server on the Domain (normally the existing domain controller)

Join the new machine to the existing domain as a member server

From the command line promote the new machine to a domain controller with the DCPROMO command from the command line Select Additional Domain Controller in an existing Domain

Once Active Directory is installed then to make the new machine a global catalog server, go to Administrative Tools, Active Directory Sites and Services, Expand ,Sites, Default first site and Servers. Right click on the new server and select properties and tick the"Global Catalog" checkbox. (Global catalog is essential for logon as it needs to be queried to establish Universal Group Membership)

Assuming that you were using Active Directory Integrated DNS on the first Domain Controller, DNS will have replicated to the new domain controller along with Active Directory.

If you are using DHCP you should spread this across the domain controllers, In a simple single domain this is easiest done by Setting up DHCP on the second Domain controller and using a scope on the same network that does not overlap with the existing scope on the other Domain Controller. Don't forget to set the default gateway (router) and DNS Servers. Talking of which all the clients (and the domain controllers themselves) need to have their Preferred DNS server set to one domain controller, and the Alternate DNS to the other, that way if one of the DNS Servers fails, the clients will automatically use the other.
bereanbsAuthor Commented:
Great answers - As it turns out, by the time I read the responses it was already replicated and good to go!  I just didn't wait long enough.  Sorry for the delay in closing out the question.

Thanks again!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now