Windows 2003 Server - Secondary DNS on secondary DC

When creating a secondary DC in a 2003 server domain, does a secondary DNS get created by default for redundancy purposes or does that have to be done explicitly?

In either case, is there any way to make the DNS server on the secondary DC the primary DNS server with the first DC's being the 'backup' DNS and if there is would there be any reason for doing that?

How redundant is DNS failure in the above environments when the primary DNS goes down?
Asked by: lineonecorp
 
motnahp00 Commented:
The DNS roles are AD integrated. If you lose DC1, DC2 will be able to service your DNS resolver clients.
 
lineonecorp (Author) Commented:
Thanks for the quick response. I'm still not clear - do I have to create a secondary DNS when I create the second DC or does it automatically get created? When both DC1 and DC2 are both up and running I am assuming it does the DNS by default - can I change that - can I have DC2 do the DNS even though DC1 is doing the AD with failback to DC1 DNS?  Also when we are talking about redundancy is it DNS redundancy outside of DC redundancy or is DNS redundancy part of DC redundancy?
 
Seth Simmons (Sr. Systems Administrator) Commented:
DNS is automatically created for the first domain controller; it isn't automatically installed on subsequent servers. You will need to install the DNS service separately after it is promoted. Then you can use both for name resolution. Otherwise, only the first one is usable for DNS, which is your single point of failure. It is AD integrated as mentioned above, so if DC1 goes down, your clients can still resolve, assuming they are configured to also use DC2 (either manually or through your DHCP scope). Essentially, DC1 and DC2 will both be doing name resolution and computer/account authentication.
 
Prashant Girennavar Commented:
When you make your DNS zone an AD-integrated zone, there is no need to configure any secondary zone on another DNS server.

For example: you have enabled your DNS zone as an AD-integrated zone and have now deployed one more DNS server. On the newly deployed DNS server there is no need to configure anything; you just need to wait for some time. The zone will automatically pop up on the new DNS server.

Note: AD-integrated zones are part of AD replication.

Active Directory-integrated zones are authoritative primary zones, so there is no need to configure secondary zones either.

If one of the DCs holding the AD-integrated zone goes down, the other DC will serve all DNS queries.

Refer to the links below to understand this better:

http://wiki.answers.com/Q/Name_3_benefits_of_using_AD-integrated_zones

http://technet.microsoft.com/en-us/library/cc772746(v=ws.10).aspx

http://wiki.answers.com/Q/What_are_several_of_the_largest_advantages_of_using_active_directory_integrated_zones_as_a_type_for_a_larger_organization

Regards,

_Prashant_
 
Leon Fester (IT Project Change Manager) Commented:
To answer your questions:
When creating a secondary DC in a 2003 server domain, does a secondary DNS get created by default for redundancy purposes or does that have to be done explicitly?
When you promote a DC, the DNS role is not automatically created.
You need to install the DNS role, and if you're running AD-integrated DNS then the zones will be transferred to the new DC.

In either case, is there any way to make the DNS server on the secondary DC the primary DNS server with the first DC's being the 'backup' DNS and if there is would there be any reason for doing that?
It's actually quite easy, once the DNS role is configured, you need to either update your DHCP scopes or the network cards, depending if you're running DHCP or static addresses.
Reasons for doing that...see the answer to the question "What is Microsoft's best practice for where and how many DNS servers exist? What about for configuring DNS client settings on DC’s and members?"
http://blogs.technet.com/b/askds/archive/2010/07/17/friday-mail-sack-saturday-edition.aspx

How redundant is DNS failure in the above environments when the primary DNS goes down?
I can explain it, but I'd be repeating a lot of information that you can find in the following posts.
http://technet.microsoft.com/en-us/library/cc772774(v=ws.10).aspx
http://social.technet.microsoft.com/Forums/en/winservergen/thread/659b2d9c-9f3e-4644-9081-db5d06d25d79
 
DrDave242 Commented:
BTW, when dvt_localboy refers to updating the network cards above, he's referring to configuring the DNS server settings on the client machines if they don't get these settings from DHCP.  Clients have to be told which DNS servers to use, and in which order; they won't automatically start using a second DNS server when one is created.
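
The steps discussed in this thread (confirm the AD-integrated zone has reached DC2, then tell clients which DNS servers to use and in which order), as an added example that is not part of any participant's post. The zone name, addresses, connection name and DHCP scope are constructed placeholders; dnscmd is assumed to be available from the Windows Server 2003 Support Tools.

```bat
rem Added example. All values below are constructed placeholders.
set ZONE=corp.example
set DC1=192.0.2.10
set DC2=192.0.2.11
set NIC=Local Area Connection
set SCOPE=192.0.2.0

rem --- Run from an admin workstation or either DC ---
rem After the DNS service is installed on DC2, check that the AD-integrated
rem zone has arrived through AD replication and is loaded there.
dnscmd %DC2% /EnumZones
dnscmd %DC2% /ZoneInfo %ZONE%

rem Both servers should answer for the zone on their own. If only DC1
rem answers, DNS is still a single point of failure.
nslookup -type=SOA %ZONE% %DC1%
nslookup -type=SOA %ZONE% %DC2%

rem --- Run on a client with a static address ---
rem DC2 becomes the preferred DNS server, DC1 the alternate.
netsh interface ip set dns name="%NIC%" source=static addr=%DC2%
netsh interface ip add dns name="%NIC%" addr=%DC1% index=2

rem Confirm that both servers are listed, in the intended order.
netsh interface ip show dns

rem --- Run on the DHCP server ---
rem Hand out both servers in option 006 so DHCP clients get the same order.
netsh dhcp server scope %SCOPE% set optionvalue 006 IPADDRESS %DC2% %DC1%
netsh dhcp server scope %SCOPE% show optionvalue
```

DHCP clients pick up the new server list when their lease renews, or immediately after `ipconfig /renew`.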
 
lineonecorp (Author) Commented:
Awesome. Great answers. Makes everything very clear.