• Status: Solved
  • Priority: Medium
  • Security: Private
  • Views: 72
  • Last Modified:

DNS migration to Windows AD DNS

Need to migrate DNS from old BIND box to Windows DC Server 2016.  Anyone can point to the right direction and steps required?
Also, lots of users are on Ubuntu and Macs.  Would ipconfig /flushdns work on non-windows machines to refresh that after the cutover?
Thanks in advance.
0
Tiras25
Asked:
Tiras25
  • 5
  • 5
3 Solutions
 
Shaun VermaakTechnical Specialist/DeveloperCommented:
Would ipconfig /flushdns work on non-windows machines to refresh that after the cutover?
It would be more like this
sudo /etc/init.d/dns-clean restart

Open in new window

the
sudo /etc/init.d/networking force-reload

Open in new window

Need to migrate DNS from old BIND box to Windows DC Server 2016.
Any reason why you do not just let everything register again?
0
 
Tiras25Author Commented:
I go.  I need to populate all the DNS static entries tho.
0
 
Shaun VermaakTechnical Specialist/DeveloperCommented:
Why? They could register
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
Tiras25Author Commented:
OK in my case there options is either None or Nonsecure and secure Dynamic updates.  Is it safe to select the leter?  Would is cause any issues?
0
 
Shaun VermaakTechnical Specialist/DeveloperCommented:
I would select secure Dynamic updates
0
 
Tiras25Author Commented:
There's no option for Secure only.  Either "None" or "Nonsecure and secure"
0
 
Shaun VermaakTechnical Specialist/DeveloperCommented:
Set Nonsecure and secure for now
0
 
Tiras25Author Commented:
OK all set thank you!  My A static records I entered are all unsecure.  They don;t have that Security tab that shows in the article you sent.

Still trying to grasp thru how DNS would know about the static records.
0
 
MaheshArchitectCommented:
zone you created is not ad integrated zone, hence you are unable to see "secure only" option

Also what about static entries your bind server may have which are explicitly created

Those entries will not register automatically on windows dns server

you need to export bind zone and find / filter out static entries and then need to create on windows dns server manually or with dnscmd commands
1
 
Shaun VermaakTechnical Specialist/DeveloperCommented:
After installing DNS set zone with these PowerShell commands to get the security tab
https://docs.microsoft.com/en-us/powershell/module/dnsserver/set-dnsserverprimaryzone?view=win10-ps
0
 
Tiras25Author Commented:
I think I will be entering those static Host A records manually.  Since I cannot access the DNS db file directly on AD-integrated DNS.  Luckily I have less than 100 records.  Maybe ~70.

Does anyone point to the dnscmd command for adding static assignments Host A records?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

  • 5
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now