Solved

Can I use Server 2008 DNS without it being a DC?

Posted on 2009-07-08
7
244 Views
Last Modified: 2012-05-07
Currently all of our organizations DNS servers are Windows 2003 domain controllers using AD.  I am attempting to configure our first Windows 2008 Server but only want to use it as a file server and DNS server for a remote location.  

Is it possible to have DNS working on this server without making it a DC?  Can AD integrated zones work without it being a DC?

Any help would be appreciated.
0
Comment
Question by:ATSOL
  • 3
  • 2
  • 2
7 Comments
 
LVL 3

Accepted Solution

by:
AdoBeebo earned 25 total points
ID: 24804834
AD Integrated DNS Zones require the host server to be a DC, because the DNS zone is stored and replicated using the AD.
You can still setup Primary, Secondary and Stub zones on a non-DC 2008 Server
In your situation you could consider using a read only domain controller for the remote site (RODC) and cache the required passwords on that server. This will lower WAN link traffic as local user authentication can be handled locally, and it is a more secure compromise which will allow you to keep AD IZ like DNS functionality while not exposing unrequired portions of your AD in a non-secure location
0
 

Author Comment

by:ATSOL
ID: 24804914
So if I manually setup zones on my non-DC 2008 server that are identical to the existing zones in the other DNS servers, will it automatically populate the records for those zones?  I don't want it to overwrite my existing dns zones with an empty zone from this new server.
0
 
LVL 10

Assisted Solution

by:Datedman
Datedman earned 25 total points
ID: 24805010
You can make a secondary DNS server for an AD zone.  You may need to add it to the SOA tab on one of the AD servers so that it'll be allowed to replicate.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 3

Expert Comment

by:AdoBeebo
ID: 24805135
A secondary zone is like a read-only DNS zone, so if you're not sure stick to secondary. You'll also need to add the server to the Replication tab, under Allowed to Replicate, or similar (from memory)
 
0
 
LVL 10

Expert Comment

by:Datedman
ID: 24805198
btw if it is read-only DNS, keep in mind that machine using it as their DNS server will not be able to register their DNS records...so may be a problem with say, sharing a printer between machines at the remote location?  hmmm do you use WINS?  
0
 

Author Comment

by:ATSOL
ID: 24805442
If I understand it correctly, an RODC would just forward the request onto a writeable DC.  The writeable DC would then update DNS in the RODC.  We are not using WINS.  At this point I'm just trying to decide whether to use one of three methods for my new server > DC, RODC or non-DC secondary zone.
0
 
LVL 10

Expert Comment

by:Datedman
ID: 24805476
I'd just make it a DC.  Why bother with RODC?  Not sure why you didn't want to make it a DC...

BTW should make a new site in AD Sites and Services with the remote subnet/new server.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was asked if I could set up a fax machine so that incoming faxes were delivered to people's Exchange inboxes and so that they could send faxes from their desktops without needing to print the document first.  I knew it was possible but I had no id…
Redirected folders in a windows domain can be quite useful for a number of reasons, one of them being that with redirected application data, you can give users more seamless experience when logging into different workstations.  For example, if a use…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now