Solved

Issue with 2nd DNS Controller Zone

Posted on 2009-05-07
Last Modified: 2012-05-06
I have a new DC on 2003R2 that I am building to replace existing 2003 DC. I am at the stage of setting up DNS. I want to build the DNS on the new box from scratch instead of pulling over the old existing one. Since I can't create a zone on the new DC with the same Zone name of "OurDomain" that is currently running on the dying DC, I have some questions.

Does the zone have to be the same name as our Domain? Is there anything I should be aware of by introducing a new DNS zone name? Can I have both running temporarily until finished transferring FSMO roles to the new box?
Question by:MushroomStamp
9 Comments
 
LVL 71

Expert Comment

by:Chris Dent
ID: 24330275

The zone name you create must match your AD Domain, you can't create an arbitrary zone name here, there's no point.

You could change the zone type on the current server to Standard Primary (remove the AD Integrated tick). Then you can have two zones of the same name (one on each server).

May I ask why you want to drop the current zone?

Chris
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 24330343
Is your current zone AD Integrated?  You could change it to primary and export it (to be safe) then the new ADI zone could have the same name.
The ADI zone will populate the new entries.
What is wrong with your current zone?
Thanks
Mike
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 24330376
Man o Man...a coworker came by and I didn't refresh in time.... wait I never surf EE at work haha
I should have known Chris would have been all over the DNS questions
Nicely done Chris :)
Thanks
Mike
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 24330385

lol no worries, happens to everyone :)

Chris
0
 

Author Comment

by:MushroomStamp
ID: 24330623
The current zone "OurDomain" is on the current DC. I am replacing the current DC with a new one. Part of the process of setting up the new one is setting up the DNS server. I DO NOT want all the old garbage from the current DNS server, hence the reason I want to start from scratch. I am following the MS Tech steps for replacing a DC. Before I transfer FSMO roles and such I need to set up the new DNS server. I cannot set up the new DNS server using the same zone name while the current one is still in use.
0
 

Author Comment

by:MushroomStamp
ID: 24330686
We have had a multitude of problems with the current DNS server... it's pretty much bubble gummed with things such as entries that can't be gotten rid of and settings that don't take... plenty of problems with it.

How would I seamlessly have the new DC (soon to be the only) take over the DNS role from current garbage? I don't want to import anything from the current setup. I will manually enter the values of each fixed IP on the network (about 15). I can't have any downtime.
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 2000 total points
ID: 24330696

You can if you change the zone to Standard Primary (in the Zone Properties within the DNS Console, select Change next to Type, and remove the tick from Store in Active Directory). It being integrated with AD is optional and counterproductive in this instance.

You absolutely cannot use a zone name that is different from the AD Domain Name. It won't do you a bit of good.

If it's causing such problems you may as well just delete the existing zone now. Change all clients and servers to refer to the DNS service on the new DC, it will repopulate there. Then delete the current zone. That way you can add a new AD Integrated zone without being troubled by the old one.

As you're going to need to talk to the current DC to maintain replication you'll want the old DC to register Service Records and Names on the new DNS Service.

Chris
0
 
LVL 71

Assisted Solution

by:Chris Dent
Chris Dent earned 2000 total points
ID: 24330713

If you can't have downtime, change the zone to Standard Primary. The new zone you create will also have to be Standard Primary (not stored in AD) until you have everything in place or it will overwrite the old zone on the old DC.

After it's populated you can change the zone to AD Integrated and it will copy the current zone over without anyone noticing.

Chris
0
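
The sequence described in the accepted and assisted solutions above, written out with `dnscmd` (Windows Support Tools) as an added example that is not part of the original thread. The zone name, server names, addresses, interface name and the sample host record are placeholders; run it on the old DC with domain admin rights.

```batch
@echo off
rem Added example. Every value below is a placeholder, not taken from the thread.
set ZONE=ourdomain.example
set OLDDC=olddc
set NEWDC=newdc
set NEWDC_IP=192.0.2.10
set NIC=Local Area Connection

rem 1. Keep a text copy of the old zone for reference only.
rem    The file is written to %SystemRoot%\System32\dns on the old server.
dnscmd %OLDDC% /ZoneExport %ZONE% %ZONE%.export.dns

rem 2. Old server: AD-integrated -> Standard Primary (file-backed), so the
rem    zone stops replicating through Active Directory.
dnscmd %OLDDC% /ZoneResetType %ZONE% /Primary /file %ZONE%.dns

rem 3. New server: empty Standard Primary zone with the same name.
dnscmd %NEWDC% /ZoneAdd %ZONE% /Primary /file %ZONE%.dns

rem    A file-backed zone cannot enforce secure-only updates, so the DCs can
rem    register only if nonsecure updates are allowed (1) for the transition.
rem    Keep that window short: any host can register or overwrite names.
dnscmd %NEWDC% /Config %ZONE% /AllowUpdate 1

rem 4. Hand-enter the fixed-IP hosts, one line per host (constructed sample).
dnscmd %NEWDC% /RecordAdd %ZONE% fileserver A 192.0.2.20

rem 5. Point this (old) DC's DNS client at the new server, then re-register
rem    its host record and, via Netlogon, its service (SRV) records.
netsh interface ip set dns name="%NIC%" source=static addr=%NEWDC_IP%
ipconfig /registerdns
net stop netlogon
net start netlogon

rem 6. Confirm the DC locator records now resolve from the new server.
nslookup -type=SRV _ldap._tcp.dc._msdcs.%ZONE% %NEWDC_IP%

echo Continue only after clients and both DCs use %NEWDC_IP% for DNS.
pause

rem 7. New server: store the populated zone in AD and go back to
rem    secure-only dynamic updates (2).
dnscmd %NEWDC% /ZoneResetType %ZONE% /DsPrimary
dnscmd %NEWDC% /Config %ZONE% /AllowUpdate 2
```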
 

Author Closing Comment

by:MushroomStamp
ID: 31579179
Thank you sir for your quick attention to my issue.  I love this site, you guys save me so much time.
0


Question has a verified solution.
