Solved

Can I use Server 2008 DNS without it being a DC?

Posted on 2009-07-08
7
247 Views
Last Modified: 2012-05-07
Currently all of our organizations DNS servers are Windows 2003 domain controllers using AD.  I am attempting to configure our first Windows 2008 Server but only want to use it as a file server and DNS server for a remote location.  

Is it possible to have DNS working on this server without making it a DC?  Can AD integrated zones work without it being a DC?

Any help would be appreciated.
0
Comment
Question by:ATSOL
  • 3
  • 2
  • 2
7 Comments
 
LVL 3

Accepted Solution

by:
AdoBeebo earned 25 total points
ID: 24804834
AD Integrated DNS Zones require the host server to be a DC, because the DNS zone is stored and replicated using the AD.
You can still setup Primary, Secondary and Stub zones on a non-DC 2008 Server
In your situation you could consider using a read only domain controller for the remote site (RODC) and cache the required passwords on that server. This will lower WAN link traffic as local user authentication can be handled locally, and it is a more secure compromise which will allow you to keep AD IZ like DNS functionality while not exposing unrequired portions of your AD in a non-secure location
0
 

Author Comment

by:ATSOL
ID: 24804914
So if I manually setup zones on my non-DC 2008 server that are identical to the existing zones in the other DNS servers, will it automatically populate the records for those zones?  I don't want it to overwrite my existing dns zones with an empty zone from this new server.
0
 
LVL 10

Assisted Solution

by:Datedman
Datedman earned 25 total points
ID: 24805010
You can make a secondary DNS server for an AD zone.  You may need to add it to the SOA tab on one of the AD servers so that it'll be allowed to replicate.
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 3

Expert Comment

by:AdoBeebo
ID: 24805135
A secondary zone is like a read-only DNS zone, so if you're not sure stick to secondary. You'll also need to add the server to the Replication tab, under Allowed to Replicate, or similar (from memory)
 
0
 
LVL 10

Expert Comment

by:Datedman
ID: 24805198
btw if it is read-only DNS, keep in mind that machine using it as their DNS server will not be able to register their DNS records...so may be a problem with say, sharing a printer between machines at the remote location?  hmmm do you use WINS?  
0
 

Author Comment

by:ATSOL
ID: 24805442
If I understand it correctly, an RODC would just forward the request onto a writeable DC.  The writeable DC would then update DNS in the RODC.  We are not using WINS.  At this point I'm just trying to decide whether to use one of three methods for my new server > DC, RODC or non-DC secondary zone.
0
 
LVL 10

Expert Comment

by:Datedman
ID: 24805476
I'd just make it a DC.  Why bother with RODC?  Not sure why you didn't want to make it a DC...

BTW should make a new site in AD Sites and Services with the remote subnet/new server.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Redirected folders in a windows domain can be quite useful for a number of reasons, one of them being that with redirected application data, you can give users more seamless experience when logging into different workstations.  For example, if a use…
New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question