
Adding a 2nd DNS server on an SBS 2008 domain without making it a DC as well.

Hello all.

We have a situation where we seem to be having intermittent issues with web pages not loading up and causing a bit of slowness on an otherwise OK LAN.  We have been investigating all things pertaining to this, i.e., DNS forwarders, router, even EDNS0 settings (which are off), and we still are having the issue.  Lasts 1 to 5 minutes and about the same time(s) of day but not necessarily every day.  Email for the Exchange and the ISP do not go down, just web pages seem to go into limbo.

It's an SBS 2008 network with Exchange, AD, DHCP, DNS, no SharePoint.

So we want to put in a temporary Windows 2008 R2 SP1 server and put a secondary DNS instance on it.  We will put a few users on it to test to see if the issues persist.  If it works, then we may keep it in place.  This is why we don't want to make it a secondary DC, just a secondary DNS.

Can someone please advise on the specific steps entailed with this so that we don't blow things up?  I've researched different answers to this, but it's a little confusing.

Your help or experience is greatly appreciated.

Asked by: AFIN

Cliff Galiher commented:
Nothing particularly fancy here. Just add the DNS role then create new secondary zones based on the zones you have on your DC and tell it the primary is your SBS machine. You should then be able to see some events as the DNS server copies the zone and once you see an event stating it is complete, bounce a couple of queries off of it using nslookup.

From there, configure DNS forwarders so non-authoritative queries go out instead of back up to the SBS server, and you should be set.

If you have more questions about a particular step, give us a shout.

AFIN (author) commented:
Thx cgaliher.  I do not claim expertise in DNS, but this helps. Just to clarify:

When you say secondary zones, is that a sub zone or a new zone based on what is currently on the SBS DNS? I.e., if they have as a main zone office.local, does the secondary DNS get something like second.office.local?

And should or can I use the same forwarders on the second DNS server as on the SBS DNS?  I imagine that would be alright.

Thx again.

D

Cliff Galiher commented:
A secondary zone is a zone type. You'd use the same names as their primary counterparts. More info:

http://technet.microsoft.com/en-us/library/cc816885(v=WS.10).aspx

And using the same forwarders should be fine.
 
AFIN (author) commented:
Hello cgaliher.  Thanks for your input.  I have created the secondary DNS server and the secondary zone for the office.local zone and it copied it from the Primary SBS server just fine.

But I have a question: since this is NOT a secondary DC, should I create the _msdcs.office.local on the secondary DNS server as a secondary zone?  I added the NS of the secondary to the Name Servers and Zone Transfers tabs like I did for the office.local zone, but it's not replicating itself because I did not manually create a secondary zone.  I don't want to do that lest it kills something!

Thanks

Cliff Galiher commented:
If you plan to have internal clients point to that server, YES you need that zone as well. That zone contains records that AD clients use to find server services, so it must be present. Since the new server is not a DC, it won't have any records of its own in that zone, so it won't break anything.

AFIN (author) commented:
Thank you again, cgaliher.  I have added the _msdcs zone as secondary to the 2nd DNS and all is well so far.

Dg
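
The steps worked through in this thread, collected as an added example that is not part of the original posts: it installs the DNS role, creates both secondary zones, sets forwarders, and then checks that each zone's SOA serial on the new server matches the SBS server. All three IP addresses are placeholders; `dnscmd` and `nslookup` are the tools that ship with Windows Server 2008 R2.

```powershell
# Added example: run elevated on the new Windows Server 2008 R2 member server.
# Placeholder values (assumptions, not from the thread): all IP addresses below.
$Primary    = '192.0.2.10'         # SBS 2008 server holding the primary zones
$Forwarders = @('198.51.100.53')   # use the same forwarders as the SBS server
$Zones      = @('office.local', '_msdcs.office.local')

# Install only the DNS Server role; AD DS is not added, so this stays a member server.
Import-Module ServerManager
Add-WindowsFeature DNS | Out-Null

# Create each zone as a secondary of the SBS server, then request a transfer.
# The SBS zones must already allow transfers to this server (Zone Transfers tab).
foreach ($zone in $Zones) {
    dnscmd /ZoneAdd $zone /Secondary $Primary
    dnscmd /ZoneRefresh $zone
}

# Non-authoritative queries go to the forwarders, not back to the SBS server.
dnscmd /ResetForwarders $Forwarders

# Return the SOA serial a given server reports for a zone, or $null if it has none.
function Get-SoaSerial([string]$Zone, [string]$Server) {
    foreach ($line in (nslookup "-type=SOA" "$Zone." $Server 2>$null)) {
        if ($line -match 'serial\s*=\s*(\d+)') { return [int64]$Matches[1] }
    }
    return $null
}

Start-Sleep -Seconds 10    # give the zone transfers a moment to finish
foreach ($zone in $Zones) {
    $p = Get-SoaSerial $zone $Primary
    $s = Get-SoaSerial $zone '127.0.0.1'
    if ($s -ne $null -and $s -eq $p) {
        "{0}: in sync (serial {1})" -f $zone, $s
    } else {
        "{0}: NOT in sync (primary={1}, secondary={2})" -f $zone, $p, $s
    }
}

# AD clients locate domain controllers through this SRV record in the _msdcs zone.
nslookup "-type=SRV" "_ldap._tcp.dc._msdcs.office.local." 127.0.0.1
```

A zone reported as NOT in sync with an empty secondary serial usually means the primary refused the transfer, so recheck the Zone Transfers tab on the SBS server for that zone.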