DNS on secondary setup wrong

Posted on 2008-06-17
Medium Priority
Last Modified: 2011-10-19
I am deploying a new server and it is going to be a secondary DNS server.  It has already been configured as a primary DNS server.  When I attempt to delete the zone, it gives the warning that it is an AD integrated zone.  Server 18 is to be the primary DNS and Davis-RKP is to be the secondary.  If I delete the zones under the Davis-RKP server will it affect the zones under the Server18 server? (see attached pic)  Or can I just change the Zone Type under Davis-RKP from Integrated to Secondary?

Thank you very much.
Question by:sjsell
LVL 70

Expert Comment

ID: 21806163
Is there any reason that you are not using AD Integrated DNS?
This is much more efficient and allows you to have multiple primary DNS servers and it is a lot less hassle.
LVL 13

Assisted Solution

ocon827679 earned 100 total points
ID: 21806187
Are both of these servers domain controllers?  If so, why not leave them as AD Integrated?  The pros of AD Integrated certainly outweigh the cons.  There is no advantage to a secondary zone over an AD Integrated Primary.

Author Comment

ID: 21806223
The book that I was reading made it sound like it can be bad to have multiple Primary DNS servers.  You should have one Primary and the rest should be secondary.  I plan on leaving server18 (what is our primary dns server) AD integrated.  I just wanted the Davis-RKP to be a secondary.  If I leave it as a primary, and I need to make a change to anything do I have to do it to all of the servers or can I just increment the serial number and it will replicate to the other DNS server?

Thanks for the amazingly fast reply.
LVL 70

Accepted Solution

KCTS earned 400 total points
ID: 21806315
Not at all. AD Integrated DNS is more secure, integrates fully with Active Directory, is more efficient as it uses AD replication rather than relying on zone transfers, and as it uses the multi-master model there is less latency as all servers can update each other. AD Integrated DNS should really be used as the default and you have to have a good reason not to use it, rather than justify its use.

Author Comment

ID: 21806361
Thank you.  I will leave it as AD integrated then.  Let me make sure I understand updating it then.  If I update any of the DNS servers, it will replicate to any other AD integrated DNS server?  Do I need to increment the serial on the SOA on the server I am updating or will it do that automatically when I make a change?
LVL 70

Expert Comment

ID: 21806390
Make the change on any server and when replication occurs the other servers will be updated automatically - no need to do anything
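
The setup the answers above recommend can be checked with a short audit, shown here as an added example that is not part of the original thread. It assumes the DnsServer PowerShell module (Windows Server 2012 or later, or RSAT) and uses the two server names from the question; it reports how each zone is stored on each server and flags zones that are not AD integrated, accept nonsecure dynamic updates, allow zone transfers to any server, or are missing from one of the two servers.

```powershell
# Added example, not from the thread. Assumes the DnsServer module is available
# and the account running it may query both DNS servers.
$servers = 'Server18', 'Davis-RKP'   # server names taken from the question

# Collect the storage and security settings of every real zone on each server.
$report = foreach ($server in $servers) {
    Get-DnsServerZone -ComputerName $server |
        Where-Object { -not $_.IsAutoCreated -and $_.ZoneType -ne 'Forwarder' } |
        ForEach-Object {
            [pscustomobject]@{
                Server           = $server
                Zone             = $_.ZoneName
                ZoneType         = $_.ZoneType
                IsDsIntegrated   = $_.IsDsIntegrated
                ReplicationScope = $_.ReplicationScope   # Domain, Forest, Legacy, Custom
                DynamicUpdate    = $_.DynamicUpdate      # None, Secure, NonsecureAndSecure
                ZoneTransfers    = $_.SecureSecondaries  # NoTransfer, TransferAnyServer, ...
            }
        }
}

$report | Sort-Object Zone, Server | Format-Table -AutoSize

# Zones still stored in a file (standard primary or secondary) instead of AD.
$fileBacked = $report | Where-Object { -not $_.IsDsIntegrated }

# AD integrated zones that accept unauthenticated dynamic updates.
$nonsecure = $report |
    Where-Object { $_.IsDsIntegrated -and $_.DynamicUpdate -eq 'NonsecureAndSecure' }

# Zones that hand a full copy to any host that asks for a transfer.
$openTransfer = $report | Where-Object { $_.ZoneTransfers -eq 'TransferAnyServer' }

# Zones present on only one of the two servers (not replicated, or scoped elsewhere).
$notOnBoth = $report | Group-Object Zone |
    Where-Object { $_.Count -lt $servers.Count } |
    ForEach-Object { $_.Group }

[pscustomobject]@{
    FileBackedZones      = @($fileBacked).Count
    NonsecureUpdateZones = @($nonsecure).Count
    OpenTransferZones    = @($openTransfer).Count
    ZonesNotOnBoth       = @($notOnBoth).Count
} | Format-List
```

A zone listed under `ZonesNotOnBoth` is not necessarily a fault: its replication scope decides which domain controllers hold a copy.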

Author Closing Comment

ID: 31468097
Wow. Thank you for your fast responses.  I've been toying with joining EE for a long time and this one had me stumped so I tried a trial.  I will be joining permanently now.  Thanks and expect a LOT of questions in the future.
