[Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Do I need to install DNS on my backup Domain Controller?

Posted on 2009-02-23
6
Medium Priority
?
719 Views
Last Modified: 2012-08-13
Hi all,
I am building a domain controller for the first time and my question is:
Do I need to install Active Directory or DNS on my backup domain controller or does my Primary Domain Controller have an option to copy everything to my backup DC?
Will it also need the same static IP?

Thanks much
0
Comment
Question by:techin4
6 Comments
 
LVL 12

Assisted Solution

by:michaelgoldsmith
michaelgoldsmith earned 150 total points
ID: 23716932
You can run DNS on your DC only. Any member server on the domain can also be a replication partner for AD as well (which is never a bad idea in my opinion).
0
 

Author Comment

by:techin4
ID: 23717082
Hi Michaelgoldsmith,

So I should run DNS only on my Primary DC and NOT on my Backup DC?

Thanks
0
 
LVL 7

Accepted Solution

by:
crokeefe28 earned 300 total points
ID: 23717198
First and foremost....I see many people use the terms PDC and BDC.  A server is either a domain controller or it isn't.  Don't be confused by the FSMO role terminology.  Second, I couldn't disagree more with the other comment.  It is typically best if you do install DNS on any DC that you wish (especially if you have a large network).  Furthermore, if the DNS server will be pounded to death, it should be on it own set of servers.  All DC's replicate traffic via FRS, and now in 2008, via DFS.  The only other options to think about are where to place global catalogs and the other FSMO roles.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 12

Expert Comment

by:michaelgoldsmith
ID: 23717204
I don't see any harm in running DNS on both servers.

If you run DNS on both servers, you will need to set your DHCP options to hand out both DNS servers in case one goes down.
0
 
LVL 7

Expert Comment

by:crokeefe28
ID: 23717238
Absolutely correct...
0
 
LVL 4

Assisted Solution

by:jsbush
jsbush earned 300 total points
ID: 23721063
In my opinion you always want to have DNS installed on your DC's unless you have very specific reasons not to.  The DNS installation should be a part of the Active Directory setup when you run DCPROMO.  There is no downside in most instances and many benefits to replicating DNS to other DC's.  As michael pointed out you want to make sure your DCHP server is set to hand out the IP addresses of both servers hosting DNS so if one were to fail then you would still be able to authenticate clients (ie. Login).

If you want to go a little further to make it foolproof, divide the DHCP scope across the two servers.  Essentially you setup DHCP identically on both DC's, same DNS servers, same reservations (if needed), same everything except the scope of addresses to be handed out.

Say you are on a 192.168.10.X network with a subnet mask of 255.255.255.0 so you have IP addresses available of 192.168.10.1 - 192.168.10.255.  The first server you set your available addresses in DHCP to 192.168.10.1 - 192.168.10.122 and the second server you set available addresses in DHCP to 192.168.10.123 - 192.168.10.254 (.255 is broadcast/not usable).  You can start your scope wherever you want of course.  But the benefit is that even if one server goes down completely and you lose DNS and DHCP (which would hand out DNS server addresses in the first place) you still have another server that can carry both roles and your users see no downtime.

Keep in mind you would have to ensure you add reservations to both servers.  If you put a network printer on 192.168.10.50 and reserved that IP on one server but not the other, the other server sees that IP as fair game to hand out to a client.

I know this is way off topic but it sounds like you could use a little redundancy in the network.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Backups and Disaster RecoveryIn this post, we’ll look at strategies for backups and disaster recovery.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question