Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

How can I determine the preferred AD DNS server?

Posted on 2011-09-28
6
Medium Priority
?
295 Views
Last Modified: 2012-06-27
Points of My Scenario:
1. I am admin of a Windows Server 2003 domain: mydomain.com
2. There are 5 domain controllers: A, B, C, D & E
3. All domain controllers are also DNS servers for the domain.
4. Client workstations are configured (via DHCP) to use as preferred DNS servers: A & B
5. However, clients resolve "mydomain.com" consistently to domain controller D.
QUESTION: How can I make clients resolve "mydomain.com" to domain controllers A or B instead?
0
Comment
Question by:waltforbes
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 12

Expert Comment

by:nsx106052
ID: 36719750
First create sites in AD(active directy sites and services) if you have more than one location.  Then move the domain controllers to the appropriate site.  Once the site is created add the proper subnets for each site.

Then I would double check your DHCP settings to use the proper DNS servers.  Typically you should place the two closest DNS servers in the DHCP scope. You can add additional ones as a backup if you prefer.

If you only have one location you don't need to configure site and services just your DHCP scopes.
0
 

Author Comment

by:waltforbes
ID: 36720154
To nsx106052 - please note the site/subnet layout:
(1) There are three sites (Site1, Site2, and Site3)
(2) Site1 contains three subnets + domain controllers A, B and E - all in one building
(3) Site2 contains one subnet + domain controller C - separate building
(4) Site3 contains one subnet + domain controller D - yet another (3rd) building
My Actions:
(1) Based on your advice, I added client subnets (2 of them) to Site1, using AD Sites and Services - since all are in same building
(2) I replicated the changes using AD Sites and Services also.
(3) I flushed DNS cache with "ipconfig /flushdns" at the clients
Results: Nothing changed - mydomain.com is still resolves to domain controller D.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 36812994
Your DHCP clients use only specified DNS servers in scope option no. 006 :) (that's for sure) and gets DNS respond only from them :) ... but specified DNS servers contain all necessary records of your domain.local

By default Round-Robin mechanism is working for that
http://en.wikipedia.org/wiki/Round-robin_DNS
http://technet.microsoft.com/en-us/library/cc787484%28WS.10%29.aspx

so, according to your structure

DC-A
DC-B
DC-C
DC-D
DC-E

DNS issues IP address of DC during authentication, next client will get IP address of another DC from the list (Round Robin)

If you want to check if that's true, log on to that PC, open command-line and run test

ipconfig /flushdns
ping domain.local

repeat this action several times and compare IP output for the domain  :)

Regards,
Krzysztof
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 2000 total points
ID: 36812999
You may be also interested in Netmask ordering feature. This is very good MS article for that
http://support.microsoft.com/kb/842197

Krzysztof
0
 

Author Closing Comment

by:waltforbes
ID: 36816961
Many thanks, iSiek.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 36817364
You're welcome :)

Krzysztof
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
Let's recap what we learned from yesterday's Skyport Systems webinar.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question