Solved

DNS Replication between DC and Non-DC

Posted on 2011-10-04
Last Modified: 2012-08-14
I have two DNS servers, one Win2k, the other Win2k3. Both were domain controllers with DNS. I DCPROMO demoted the Win2k server and the DNS zones went with it. I am looking to retain the Win2k machine as a DNS server, just not a DC. How can I get the Win2k machine to be part of the DNS replication? There are currently no zones showing on the Win2k DNS.
Question by:robanom
8 Comments
 
LVL 14

Accepted Solution

by:
Wonko_the_Sane earned 2000 total points
ID: 36911625
You will have to set up the DNS zones as "secondary zones" on the non-DC. Note that these will be read-only copies, so clients cannot dynamically update their IP if they use this DNS server; it would merely provide redundancy for the existing DNS zones.
0
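The secondary-zone setup described in the accepted solution, as an added example that is not part of the original thread. It assumes `dnscmd` (Windows Support Tools) is available; the zone names and the 192.0.2.x addresses are constructed placeholders. Zone transfers are restricted to the one secondary instead of being opened to any server.

```batch
@echo off
rem Added example: constructed placeholder values, replace with your own.
rem PRIMARY   = Win2k3 DC holding the AD-integrated zones
rem SECONDARY = demoted Win2k member server that still runs the DNS service
set PRIMARY=192.0.2.10
set SECONDARY=192.0.2.20
set ZONES=corp.example 2.0.192.in-addr.arpa

for %%Z in (%ZONES%) do (
    rem On the primary: allow transfers only to the listed secondary and
    rem notify it on changes. /SecureList avoids the "any server" setting
    rem (/NonSecure), which would hand the full zone to whoever asks.
    dnscmd %PRIMARY% /ZoneResetSecondaries %%Z /SecureList %SECONDARY% /NotifyList %SECONDARY%
    if errorlevel 1 echo Could not set transfer list for %%Z on %PRIMARY%

    rem On the secondary: create the read-only copy that pulls from the primary.
    dnscmd %SECONDARY% /ZoneAdd %%Z /Secondary %PRIMARY%
    if errorlevel 1 echo Could not add secondary zone %%Z on %SECONDARY%

    rem Force an immediate transfer instead of waiting for the refresh interval.
    dnscmd %SECONDARY% /ZoneRefresh %%Z
)

rem Check: the SOA serial returned by both servers should match after transfer.
for %%Z in (%ZONES%) do (
    echo --- %%Z ---
    nslookup -type=SOA %%Z %PRIMARY%
    nslookup -type=SOA %%Z %SECONDARY%
    dnscmd %SECONDARY% /ZoneInfo %%Z
)
```

Run it from an account with DNS administration rights on both servers, or split the primary and secondary commands and run each locally.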
 
LVL 81

Expert Comment

by:arnold
ID: 36912022
On your DC make sure that the AD zone is not limited to domain controllers. Properties of the Domain Zone change the Replication to make sure it replicates to all DNS servers in the AD domain.
Make sure that you have an AD-Integrated zone.
On the win2k it should appear once refreshed.
Though not sure why you chose to demote the win2k perhaps your only DC backup. You should have at least two DCs since that is where user/computer/gpo/etc is.  If you only have one and it experiences hw failure, you will be in a ......
0
 

Author Comment

by:robanom
ID: 36912506
I have two win2k3 domain controllers; however, the other win2k3 DC I do not want to be a DNS server.
0
 
LVL 14

Expert Comment

by:Wonko_the_Sane
ID: 36912521
You will need to use secondary zones. AD replication only works to domain controllers. This is by design, since it's stored in the directory. A member server has no directory, and therefore you can't replicate to it.
0
 
LVL 14

Expert Comment

by:Wonko_the_Sane
ID: 36912533
And really, your best choice would be to make your second DC a DNS server; it's just easier. Please note that AD does not function without DNS at all, and not making your second DC a DNS server could affect your redundancy. Of course I don't know your reasoning about not making it a DNS server, but I would advise you to do this only if you have really good reasons for that.
0
 

Author Closing Comment

by:robanom
ID: 36912617
This was exactly what I was looking for
0
 

Author Comment

by:robanom
ID: 36912642
The other DC is also an Exchange box, I know, against best practice. That is the reason I do not want to set up DNS on that machine as well.
0
 
LVL 14

Expert Comment

by:Wonko_the_Sane
ID: 36912661
DNS is such a lightweight, stable and low-footprint service that it wouldn't hurt. Your big issue is Exchange & AD on the same box as you already mentioned, and adding DNS is really harmless. Ultimately your decision, but IMHO you are better off with just adding DNS as well. And it can be removed with the click of a button.
0
