Solved

Proper DNS Settings for 2 domain controllers

Posted on 2013-11-29
9
379 Views
Last Modified: 2013-11-30
Hey guys - I am running two domain controllers (just added the 2nd one recently).  The 'first' domain controller is 2003 and uses itself for DNS of course, and has forwarders set up for the iSP's DNS.  All clients currently use this machine for DNS.  The 2nd domain controller (2008 R2) uses itself for DNS.  What other DNS settings do I need to change?  Should I point the clients to the 1st or 2 domain controller for DNS?    Thanks in advance for any help!
0
Comment
Question by:zagnutttt4
  • 2
  • 2
  • 2
  • +2
9 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 250 total points
ID: 39685756
Clients can be pointed to either one.    What you have is fine but to avoid race condition issues you can point DC1 to DC2 for primary DNS and vice versa.  MOre on that here:

http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/Q_27556645.html

Having said that if you are not having any issues leaving it as is works too

Thanks

Mike
0
 
LVL 9

Expert Comment

by:Zenvenky
ID: 39685763
Both DCs shall point to themselves as preferred DNS and secondary as other DC's DNS. For better understanding check this link.

DNS Best Practices
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 39685770
Zen,   I used to do it that way too until we ran into race condition issues a few years back at another job.

askds also talked about it here   http://blogs.technet.com/b/askds/archive/2010/07/17/friday-mail-sack-saturday-edition.aspx#dnsbest

Thanks

Mike
0
 

Author Comment

by:zagnutttt4
ID: 39685772
Will group policy changes made on either domain controller replicate to the other?
0
 
LVL 25

Assisted Solution

by:DrDave242
DrDave242 earned 250 total points
ID: 39685777
Should I point the clients to the 1st or 2 domain controller for DNS?
You should point them to both, but which one should be the preferred server and which one should be the alternate is up to you.

Also, I'm in agreement with mkline71: Set each DC to use the other one as its preferred server and itself as alternate. Microsoft's DNS BPA agrees with this as well.
0
 
LVL 22

Expert Comment

by:Nick Rhode
ID: 39685861
DNS Servers would point to each other for primary and then themselves as a secondary.  This prevents what is known as the "island effect".  Where the DNS servers isolate themselves.  

As for setting up DHCP and pushing DNS to the clients workstations you will choose which DNS server is your primary and which one is the secondary.
0
 
LVL 25

Expert Comment

by:DrDave242
ID: 39685879
Will group policy changes made on either domain controller replicate to the other?
As long as your SYSVOL folder is replicating correctly between the two, Group Policy changes will replicate. Keep in mind that SYSVOL replication and AD replication are separate, and it is possible for one to fail while the other continues working perfectly.
0
 
LVL 9

Expert Comment

by:Zenvenky
ID: 39685897
MKline, I agree with you there is a an argument going on every blog which deals with AD and DNS. Because of that reason Microsoft didn't come to a conclusion to release DNS default configuration settings for DC I believe you agree with me. I've been using these DNS configurations from many years and never had any issues.

Point #2 what AskDS mentioned is for multi domain/ forest scenario but definitely not in small and medium business environments where you see not more than 15 DCs and it is surely single domain environment.

I'm not trying to say what I mentioned is the thumb rule for DNS configuration, it is just a best practice that I've been following and I never had any issues in small and medium business environments.
0
 

Author Comment

by:zagnutttt4
ID: 39685934
Thanks guys, I will try both ways, giving each method enough time to determine if any problems and/or performance issues are occurring.
0

Join & Write a Comment

BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now