Solved

AD, DNS and Windows 2003/2008

Posted on 2011-09-23
7
336 Views
Last Modified: 2012-08-13
My configuration

3 DC
DC1 = Windows 2008 R2, DNS, GC, all 5 FMSO roles, IP = 126.0.0.9, DNS1= 126.0.0.9, DNS2= 126.0.0.10
DC2 = Windows 2003 SP2, Exchange, DNS, GC, IP= 126.0.0.105, DNS1 = 126.0.0.10, DNS2 = empty
DC3 = Windows 2003 SP2, DNS, GC, IP = 126.0.0.10, DNS1 = 126.0.0.10, DNS2 = 126.0.0.9

Is this DNS configuration OK?
What is the recommended DNS configuration in TCP/IP properties of each DC?

(I had a problem this morning that when I started DC1 alone (DC2 and DC3 where offline) DNS service would not start. When DC2, DC3 went online some minutes after, everything when back to normal, and DNS service started sucessfully,  that is the reason I prefer to check DNS configuration)

Thank you
0
Comment
Question by:gadsad
7 Comments
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 500 total points
ID: 36586168
Try to configure it this way

DC1: Primary DNS of DC2, Secondary DNS of itself, Tertiary DNS of 127.0.0.1 (loopback interface)
DC2: Primary DNS of DC3, Secondary DNS of DC1, Tertiary DNS of 127.0.0.1 (loopback interface)
DC3: Primary DNS of DC1, Secondary DNS of DC2or3, Tertiary DNS of 127.0.0.1 (loopback interface)

This should prevent of "DNS island" which probably took place in your environment. DNS service couldn't start and there was problem with AD startup.

More about DNS island at
http://support.microsoft.com/kb/275278

Regards,
Krzysztof
0
 
LVL 9

Expert Comment

by:Lester_Clayton
ID: 36586174
The Microsoft recommended configuration is to set the Alternate DNS server for Domain Controllers to be 127.0.0.1 - only if they are running DNS services though.

Unfortunately, you've not told us what your DC IP addresses are, so I could not give you a recommended configuration.

I have 2 domain controllers in each of my forests, and I make the 2 Domain Controllers point to their own IP and the other Domain Controller's IP for DNS.

In a 3 Domain Controller environment, I'd make them still talk to their own IP as the first DNS entry, and then flip a coin to see which other domain controller/DNS server gets the second one :D
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 36586180
They told us :) Read question once again ;)

Krzsztof
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 9

Expert Comment

by:Lester_Clayton
ID: 36586216
I got confused with all the IP's :)
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36587162
Also, best practices not to use 127.0.0.1 you should use the actual IP addresses. Loopback addresses themselves can cause DNS issues in multiple DNS server environment.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 36915738
Hi,

today I was reviewing posts on EE and I found one interesting post, where Mike (mkline71) posted a link to Ask DS Team blog. There where similar question about best DNS practices. I read that article and I think it's worth placing it here for you :) In my opinion you will find all answers for your questions ;)

http://blogs.technet.com/b/askds/archive/2010/07/17/friday-mail-sack-saturday-edition.aspx#dnsbest

Krzysztof
0
 

Author Closing Comment

by:gadsad
ID: 36926238
thank you
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Redirected folders in a windows domain can be quite useful for a number of reasons, one of them being that with redirected application data, you can give users more seamless experience when logging into different workstations.  For example, if a use…
Learn about cloud computing and its benefits for small business owners.
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question