Split DNS for Active Directory
Hi experts,
I planned to upgrade our AD for Enterprise Usage, AD before just used for Exchange mail account only. Upgrading also mean we going to move from Windows 2008 to Windows 2008 R2 - taking advantage of single sign in AD as in feature all our applications will be authenticated using AD.
My bos asked me to split out the DNS from AD server so it can be on its own and served others as well (computers that not joining domain). Currently we have DNS server that runs on Linux machine. This new DNS will served as replacement to this Linux DNS.
AD also must be allow to dynamically write on this DNS, plus DNS admin can also do manual entry.
How can I do this? What I know is new DNS must be a domain controller. Does this mean that all user information also duplicated to this new DNS server? If in this case, do RODC plays any role here to reduce this new DNS burden?
Any idea, please? Any notes I can refer to?
I planned to upgrade our AD for Enterprise Usage, AD before just used for Exchange mail account only. Upgrading also mean we going to move from Windows 2008 to Windows 2008 R2 - taking advantage of single sign in AD as in feature all our applications will be authenticated using AD.
My bos asked me to split out the DNS from AD server so it can be on its own and served others as well (computers that not joining domain). Currently we have DNS server that runs on Linux machine. This new DNS will served as replacement to this Linux DNS.
AD also must be allow to dynamically write on this DNS, plus DNS admin can also do manual entry.
How can I do this? What I know is new DNS must be a domain controller. Does this mean that all user information also duplicated to this new DNS server? If in this case, do RODC plays any role here to reduce this new DNS burden?
Any idea, please? Any notes I can refer to?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
HI khairi,
Any feedback on the comments added?
Cheers
GM
Any feedback on the comments added?
Cheers
GM
ASKER
Sorry guys,
Last 3 weeks I have waiting emails from EE but nothing comes, but at last an email form EE saying that this is abandon question. I wonder is something wrong with my email system.
Anyway guys, give me sometime to look on your suggestion. I've duplicated my current AD infra into virtualization.
Last 3 weeks I have waiting emails from EE but nothing comes, but at last an email form EE saying that this is abandon question. I wonder is something wrong with my email system.
Anyway guys, give me sometime to look on your suggestion. I've duplicated my current AD infra into virtualization.
ASKER
Thanks guys.
Is there any reason why your boss does not want to use Windows DNS apart from being able to service machines that are not in the domain? If this is in the only reason it might be a good idea to suggest to him that from a machine point of view they will not notice any difference from a Linux or Windows DNS server.
You get great integration with dynamic DNS updates and therefore do not need to setup all the AD type srv records that are needed when you install a new DC.