• Status: Solved
  • Priority: Medium
  • Security: Public

How do I create and apply a GPO from Windows Server 2008 to route my Windows 7 users to point to a different DNS server?

I need step-by-step instructions to have a GPO applied in my organization, to where if both DNS servers fail, the GPO will point all users' workstations (Windows 7) to another DNS server. In other words, maybe forcing the GPO or applying the GPO with auto refresh will change the DNS settings of users' workstations to point to a different DNS server in the event both current DNS servers fail. Please explain step-by-step.
1 Solution
Cliff Galiher Commented:
There really is no way to do this. The problem here is that any AD infrastructure *needs* DNS, and more specifically the DNS servers need to be AD aware. And group policies are really just a set of policy files hosted on the ADDS server. So what happens when your AD servers are down? Chances are your DNS quits working right so your clients would never properly react to this, and even if you somehow got that first hurdle down, they actually would NOT apply the group policy because they could not verify it should be applied because the server hosting it is gone.

Truthfully, I'm not even sure what you are trying to accomplish. Any scenario I can even remotely imagine where the downtime needs to be zero also requires that AD be up because of other factors. The chances of two properly maintained servers being out simultaneously are already very small. 4-9's is my experience. But, if *that* isn't good enough, and DNS is truly mission critical, you should have multiple DNS servers (4, 5, 6?) so that even a dual failure doesn't take you down. You can get to a ridiculously high fault tolerance with very little effort.

The group policy route is a non-starter. You'd have to go scripting. And honestly by the time you have that in place, it'd have been cheaper and easier to patch and maintain another DNS server (with or without ADDS).
jaedenone Author Commented:
Here is what I am trying to accomplish, click the link below, as it will take you to another posting I have on Experts-Exchange.


I am not sure if this is achievable via GPO; however, you can very well add the fallback DNS servers as the 3rd & 4th DNS servers in the DHCP scope itself. Your client machines will only use these 3rd & 4th DNS servers in the scenario when the first 2 DNS servers are not available.
Question has a verified solution.
