• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 301
  • Last Modified:

How can I determine the preferred AD DNS server?

Points of My Scenario:
1. I am admin of a Windows Server 2003 domain: mydomain.com
2. There are 5 domain controllers: A, B, C, D & E
3. All domain controllers are also DNS servers for the domain.
4. Client workstations are configured (via DHCP) to use as preferred DNS servers: A & B
5. However, clients resolve "mydomain.com" consistently to domain controller D.
QUESTION: How can I make clients resolve "mydomain.com" to domain controllers A or B instead?
0
waltforbes
Asked:
waltforbes
  • 3
  • 2
1 Solution
 
nsx106052Commented:
First create sites in AD(active directy sites and services) if you have more than one location.  Then move the domain controllers to the appropriate site.  Once the site is created add the proper subnets for each site.

Then I would double check your DHCP settings to use the proper DNS servers.  Typically you should place the two closest DNS servers in the DHCP scope. You can add additional ones as a backup if you prefer.

If you only have one location you don't need to configure site and services just your DHCP scopes.
0
 
waltforbesSenior IT SpecialistAuthor Commented:
To nsx106052 - please note the site/subnet layout:
(1) There are three sites (Site1, Site2, and Site3)
(2) Site1 contains three subnets + domain controllers A, B and E - all in one building
(3) Site2 contains one subnet + domain controller C - separate building
(4) Site3 contains one subnet + domain controller D - yet another (3rd) building
My Actions:
(1) Based on your advice, I added client subnets (2 of them) to Site1, using AD Sites and Services - since all are in same building
(2) I replicated the changes using AD Sites and Services also.
(3) I flushed DNS cache with "ipconfig /flushdns" at the clients
Results: Nothing changed - mydomain.com is still resolves to domain controller D.
0
 
Krzysztof PytkoSenior Active Directory EngineerCommented:
Your DHCP clients use only specified DNS servers in scope option no. 006 :) (that's for sure) and gets DNS respond only from them :) ... but specified DNS servers contain all necessary records of your domain.local

By default Round-Robin mechanism is working for that
http://en.wikipedia.org/wiki/Round-robin_DNS
http://technet.microsoft.com/en-us/library/cc787484%28WS.10%29.aspx

so, according to your structure

DC-A
DC-B
DC-C
DC-D
DC-E

DNS issues IP address of DC during authentication, next client will get IP address of another DC from the list (Round Robin)

If you want to check if that's true, log on to that PC, open command-line and run test

ipconfig /flushdns
ping domain.local

repeat this action several times and compare IP output for the domain  :)

Regards,
Krzysztof
0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
Krzysztof PytkoSenior Active Directory EngineerCommented:
You may be also interested in Netmask ordering feature. This is very good MS article for that
http://support.microsoft.com/kb/842197

Krzysztof
0
 
waltforbesSenior IT SpecialistAuthor Commented:
Many thanks, iSiek.
0
 
Krzysztof PytkoSenior Active Directory EngineerCommented:
You're welcome :)

Krzysztof
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now