DNS on secondary setup wrong

Posted on 2008-06-17
Last Modified: 2011-10-19
I am deploying a new server and it is going to be a secondary DNS server.  It has already been configured as a primary dns server.  When I attempt to delete the zone, it gives the warning that it is an AD integrated zone.  Server 18 is to be the primary DNS and Davis-RKP is to be the secondary.  If I delete the zones under the Davis-RKP server will it affect the zones under the Server18 server? (see attached pic)  Or can I just change the Zone Type under Davis-RKP from Integraded to Secondary.  

Thank you very much.
Question by:sjsell
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
LVL 70

Expert Comment

ID: 21806163
Is there any reason that you are not using AD Integrated DNS?
This is much more efficient and allows you to have multiple primary DNS servers and i is a lot less hassle.
LVL 13

Assisted Solution

ocon827679 earned 25 total points
ID: 21806187
Are both of these servers domain controllers?  If so, why not leave them as AD Integrated.  The pros of AD Integrated certainly out weigh the cons.  There is no advantage to a secondary zone over and AD Integrated Primary.

Author Comment

ID: 21806223
The book that I was reading made it sound like it can be bad to have multiple Primary DNS servers.  You should have one Primary and the rest should be secondary.  I plan on leaving server18 (what is our primary dns server) AD integrated.  I just wanted the Davis-RKP to be a secondary.  If I leave it as a primary, and I need to make a change to anything do I have to do it to all of the servers or can I just increment the serial number and it will replicate to the other DNS server?

Thanks for the amazingly fast reply.
Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

LVL 70

Accepted Solution

KCTS earned 100 total points
ID: 21806315
Not at all. AD Integrated DNS is more secure, integrates fully with Active Directory, if more efficient as it uses AD replication rather than relying on zone transfers and as it uses the multi-master model there is less latency as all servers can update each other. AD Integrated DNS should really be used as the default and you have to have a good reason not to use it, rather than justify its use.

Author Comment

ID: 21806361
Thank you.  I will leave it as AD integrated then.  Let me make sure I understand updating it then.  If I update any of the DNS servers, it will replicate to any other AD integrated DNS server?  Do I need to increment the serial on the SOA on the server I am updating or will it do that automatically when I make a change?
LVL 70

Expert Comment

ID: 21806390
Make the change on any server and when replication occurs the other servers will be updated automatically - no need to do anything

Author Closing Comment

ID: 31468097
Wow. Thank you for your fast responses.  I've been toying with joining EE for a long time and this one had me stumped so I tried a trial.  I will be joining permanently now.  Thanks and expect a LOT of questions in the future.

Featured Post

Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question