Installing DNS on a 2003 DC

rsnellman
Hi, I did some searching in the Knowledge Base before proceeding with my question. I seem to have a unique situation. I have a DC on a subnet that handles our lab PCs on a private network. The DC is NOT running DNS Server services. In fact, it is not installed. I am not sure what the previous server admin was thinking, but this server in question is a DC without DNS. I thought all DCs required DNS, but somehow this DC is working, well, most of the time. Every once in a while I get some weird DNS issues with the lab PCs, which I believe relate back to this DC not having DNS. Now, there are several other DCs that are all running AD-Integrated DNS and are on the public network. So, I am trying to figure out what would be the point of creating a DC on a private network without AD-integrated DNS on it?

So, my question for the gurus here, how do you install DNS on a current 2003 DC and make the DNS AD-Integrated?

Thanks for your time.

Top Expert 2012
Commented:
Are the DCs part of the same domain?

What you would do is go to DNS, right-click Forward Lookup Zones, and create a new zone; you would name the zone the same as your domain name. Make sure you select primary zone and store the zone in AD.
Leon Fester, Senior Solutions Architect

Commented:
Since it's in the LAB, I can only imagine that he didn't want to "contaminate" the production DNS server with LAB PCs that could potentially have the same names as production workstations/servers.

What are the DNS settings being used by your LAB workstations?
Does your LAB route to your production network?
A quick test is to run "nltest /dclist:domain_Name" or "Netdom query fsmo" and verify if you see your production servers.

I'd strongly suggest keeping your lab separate from the production network.
If you want or need your test lab to be integrated with production and this DC is replicating with the production network, then you can safely just add the DNS Role to this server. It should automatically start replicating after configuration... give it about 40 mins to get everything across your LAN.
rsnellman, IT Manager

Author

Commented:
Yes, all DCs are in the same domain, including the DC in question (let's call it the Lab DC). Not sure about contaminating, because they all have unique names and use NAT to gain access to the outside (Internet) for students to do research, check out library books and such.

The Lab DC has DHCP running, issuing private IPs (10.200.x.x) to the lab PCs. The DHCP is issuing the DNS server on the public (production) network.

Oh, just to clear something up, this is NOT a test lab; these are labs that our students use. The reason we put these lab PCs on a private network was we ran out of public IPs.

rsnellman, IT Manager

Author

Commented:
Labs consist of computer science lab, open lab, library PCs, medical assistance lab, etc.
Top Expert 2012

Commented:
Go through the steps that I posted; that is all you need.
rsnellman, IT Manager

Author

Commented:
dariusq,
Your steps are for after I install the DNS Server services on the DC in question?

Or do I perform the steps on an existing DC that has DNS Server services running?

Reason I ask is, I see the lab computers in the DNS of a DC running DNS Server services.

Thanks.
Top Expert 2012

Commented:
This is on a DC that doesn't have DNS but already has the DNS role installed.
rsnellman, IT Manager

Author

Commented:
Hmmm...I am not sure if I am following you, but let me try to see if I have this right.  Please bear with me.

My DCs that are running DNS Server services (as AD-Integrated DNS) are displaying all the lab computers in the DNS as correct entries in the proper DNS domain zone. But the DC that does not have DNS installed is the server that is running DHCP to serve IPs to the lab computers on our 10.200.x.x private subnet. So, I guess, should I worry about this and install DNS Server services on this DC or just leave it as is? Not sure what best practice is in this scenario.
rsnellman, IT Manager

Author

Commented:
Wasn't sure if I should use a Stub Zone on this DC or use AD-Integrated DNS or just leave it alone, since it works for the most part. Just want to make sure to correct this if it needs to be.

Thanks.
Top Expert 2012
Commented:
Best practice is to have AD integrated zones on all DCs.
rsnellman, IT Manager

Author

Commented:
Yes, it is best practice, which makes me wonder what the tech before me was thinking.

Anyways, how can I install DNS & make it use AD-Integrated zones after the server is already a Domain Controller?

Thanks again.
Top Expert 2012
Commented:
Again, go to DNS, right-click Forward Lookup Zones, and create a new forward lookup zone. Type the name of the domain when creating the DNS zone, and make sure you check the option to store it in AD.

http://technet.microsoft.com/en-us/library/cc725925.aspx
rsnellman, IT Manager

Author

Commented:
OK, got it. While installing the DNS Server, set it to use AD-Integrated zones. Sorry, for some reason I thought you were saying point to a DNS zone without installing DNS Server services... which, as you can see, is why I was confused. Thought there was some cool feature of ADDS that I had missed. LOL

Thanks again.
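
The steps discussed in this thread, as an added command-line example that is not part of the original posts: a batch script for the lab DC that runs the suggested `nltest`/`netdom` checks, looks for the AD-integrated zone before creating one, and reports how the zone is stored and updated. The zone and domain name `example.local` and the `create` argument are assumptions for illustration; on Windows Server 2003, `dnscmd`, `nltest` and `netdom` come from the Support Tools.

```batch
@echo off
rem Added example; run on the lab DC after installing the DNS Server component.
rem ZONE and DOMAIN are placeholders (example.local is constructed, not from the thread).
setlocal
set ZONE=example.local
set DOMAIN=example.local

rem 1. The DNS Server service (service name "DNS") must be installed and running.
sc query DNS | find "RUNNING" >nul
if errorlevel 1 (
    echo DNS Server service is not running on this DC. Install or start it first.
    exit /b 1
)

rem 2. Confirm this DC sees the production DCs, the check suggested in the thread.
nltest /dclist:%DOMAIN%
netdom query fsmo

rem 3. A zone already stored in Active Directory is loaded from the directory by
rem    the new DNS server, so look for it before creating anything.
rem    The spaces around the name keep _msdcs.%ZONE% from matching.
dnscmd /EnumZones | findstr /I /C:" %ZONE% " >nul
if not errorlevel 1 goto :report

echo Zone %ZONE% is not loaded on this server yet.
if /I not "%~1"=="create" (
    echo Re-run later, or run "%~nx0 create" to create it as an AD-integrated primary.
    exit /b 2
)
rem /DsPrimary creates the zone as a primary zone stored in Active Directory.
dnscmd /ZoneAdd %ZONE% /DsPrimary

:report
rem 4. Report storage and dynamic-update mode. AllowUpdate 2 means secure updates
rem    only, a mode available only for AD-integrated zones.
dnscmd /ZoneInfo %ZONE% DsIntegrated
dnscmd /ZoneInfo %ZONE% AllowUpdate
endlocal
```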
