BrianLadley
asked on
How to prevent a legacy Domain controller from updating DNS
I recently installed a new Domain Controller (Windows Server 2012 R2 Standard) which replaces a legacy system (Windows SBS 2011). During the cutover process, I transferred the FSMO roles to the new DC and removed the Global Catalog option from the SBS 2011 server. I also changed the IP address of the A record in the local DNS to point the old server name to the new server's IP address in order to redirect any stragglers with persistent mappings. Even with the IPv4 settings on the network card setup to not register the connection's address in DNS, it keeps reverting my IP address change back to its original setting.
How do I prevent the legacy DC from overwriting the manual IP address change in DNS without shutting down the server?
Brian L
How do I prevent the legacy DC from overwriting the manual IP address change in DNS without shutting down the server?
Brian L
turn off the SBS2011
Why is the old server still on? Really it should have been demoted and shut down once you'd transferred the FSMO roles.
If you're having mapping issues then you need to have a look to see you how clients are getting the mappings. If its group policy then you need to update your GPO.
If you're having mapping issues then you need to have a look to see you how clients are getting the mappings. If its group policy then you need to update your GPO.
ASKER
This implementation is for a client site with unknown variables. I intend to keep the server running as a secondary Domain Controller until we have time to ensure that the new server is functioning properly and meeting the needs of the customer prior to decommissioning the SBS 2011 server.
You're running in an unsupported configuration. If you've already moved the FSMO roles then I'm surprised its staying on.
It may be worth trying to uncheck the 'Register this connections addresses in DNS' option on the SBS network adaptor to see if that stops it.
It may be worth trying to uncheck the 'Register this connections addresses in DNS' option on the SBS network adaptor to see if that stops it.
ASKER
The option to "register this connections ..." was disabled but it still reregisters itself after about 15 minutes. I even used the option "ipconfig /registerdns" which is supposed to let the DNS server know not to expect updates from the server. I guess it's doing it because it's still a secondary DNS server.
Brian
Brian
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks to everyone. I know I had to eventually shut it down as part of the cutover. Now that I've got all of the logon scripts, printers, data and shares migrated to the new server, I can remove the SBS2011 Exchange server from the organization, demote the SBS2011 DNS server and decommission the VM.
My initial plan for the DNS record was to use a CNAME to redirect the old server name to the new server and delete the A record but the A record kept coming back. I had hoped that by removing the Global Catalog option and just keeping it as a secondary DNS with the setting 'Register this connections addresses in DNS' disabled that it would stop registering itself every 15 minutes. I now know that it would appear that a DNS server will always self-register.
Brian
My initial plan for the DNS record was to use a CNAME to redirect the old server name to the new server and delete the A record but the A record kept coming back. I had hoped that by removing the Global Catalog option and just keeping it as a secondary DNS with the setting 'Register this connections addresses in DNS' disabled that it would stop registering itself every 15 minutes. I now know that it would appear that a DNS server will always self-register.
Brian
Great! Please close out this question then.
ASKER
I've requested that this question be deleted for the following reason:
This was an irrelevant question
This was an irrelevant question
I don't think the question was irrelevant at all... you stated yourself that you learned something through this process -- others may be able to use this question to learn as well. Please do NOT delete it.
ASKER
It took me a little while to find the close question option. Thanks for the feedback.
Not sure why you are updating the A record at all. Is your goal to decommission the old domain controller (removing the Active Directory domain services from it) or something different?
You should run DCPROMO to remove that domain controller, and make it a normal member server if needed.