Solved

DNS question

Posted on 2015-01-22
8
111 Views
Last Modified: 2015-01-26
So, could you please confirm. If DNS is ADI then it is included in the system state backup but if NOT, then the zones are stored under this directory for 2003 server?


%systemroot%\winnt\system32\dns

So, by backing up system state and this directory, we should be able to restore DNS completely in case of complete failure. IS it correct?
0
Comment
Question by:creative555
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 1

Accepted Solution

by:
Cliff Goeke earned 250 total points
ID: 40565629
No.  Microsoft DNS is tricky.  Even restoring the DNS database after a crash may not bring the service back on line correctly.  I have seen where the only way to get DNS back up after a crash was to manually rebuild.  .
0
 
LVL 2

Assisted Solution

by:Axis52401
Axis52401 earned 250 total points
ID: 40565677
Cliff is corect, the systemstate backup DOES NOT include DNS. I reference this article when telling people about the shortcomings of a systemstate backup, https://u-tools.com/help/SystemState.asp.

Here is an article that shows how to backup and restore DNS https://windowsdiary.wordpress.com/2012/03/14/strategy-for-dns-server-backup-in-an-ad-environment/

By combining systemstate and the manual backup for DNS you should have what you need to get up and running. If you have services like sharepoint it gets a bit trickier as you need the IIS metadata info. There are vb scripts you can get to do that backup. But you could also build a new IIS and import the raw data back in. Same as DHCP, that can be built pretty easily.
0
 

Author Comment

by:creative555
ID: 40567099
from 2003 server when i ran dnscmd it says unrecognized command
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 

Author Comment

by:creative555
ID: 40567105
do i need to backup DNS from FSMO holder or and DC? WE have ADI zones
0
 

Author Comment

by:creative555
ID: 40567142
I tried running command DNS on 2008DC and I get Error access Denied 5 0x5

for 2003 DC, do I need support tools installed
0
 

Author Comment

by:creative555
ID: 40567239
do you have a script to backup dns zones?
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 40568530
The AD system state backup does contains AD integrated DNS zones because these zone data is already stored in active directory (ntds.dit file)
The standard primary zones and secondary zones need to be backed up separately with dnscmd zoneexport command so that they can be restored in case

If you want to try, you can take AD system state backup of server and try to restore it on another server, may be you need t install DNS role on that computer later on and which should populate all AD integrated zones
0
 

Author Closing Comment

by:creative555
ID: 40571639
Thank you very much!
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft will be releasing the Windows 10 Creators Update in just a matter of weeks. Are you prepared? Follow these steps to ensure everything goes smoothly and you don't lose valuable data on your PC.
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question