Integrated Active Directory DNS?

MEI

I have two machines at separate sites, both domain controllers. I am getting
all kinds of synching problems during replication. I have set both servers
to be DNS, both by default configured themselves on the correct domain
(company.com) as Active Directory Integrated. Is this correct or should only
one site be Active Directory Integrated and the second site then be a
'secondary' dns?
Thanks!
 
Danny Sanders

When setting up AD Integrated DNS both DCs will be AD Integrated.

hth
DDS W 2k MVP MCSE
 
Oli Restorick [MVP]

Using the nslookup tool, switch to each server in turn (command is "server
x.x.x.x") and look up the name of each domain controller and check that it
resolves to the correct address.

Before the DNS information in an AD-integrated DNS setup can replicate,
servers need to be able to resolve each other with DNS. It's a catch 22
situation. You might need to go and modify some address records by hand.
Hopefully you won't have to touch any SRV records.

Regards

Oli
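
The nslookup check described in the post above can be scripted on current Windows versions. This is an added example, not part of the original posts; it assumes PowerShell with `Resolve-DnsName` (Windows 8 / Server 2012 or later), and the host names `dc1`/`dc2` and all addresses are constructed placeholders.

```powershell
# Added example: ask every DC's DNS service for every DC's A record and compare.
# All names and addresses below are constructed placeholders; replace with your own.
$ExpectedDCs = [ordered]@{
    'dc1.company.com' = '192.0.2.10'   # site A domain controller (placeholder)
    'dc2.company.com' = '192.0.2.20'   # site B domain controller (placeholder)
}

function Test-DcNameResolution {
    param(
        [Parameter(Mandatory)] [System.Collections.IDictionary] $Expected
    )
    # Each DC runs DNS, so each expected address is also a server to query.
    foreach ($server in $Expected.Values) {
        foreach ($name in $Expected.Keys) {
            $answer = @()
            $status = 'OK'
            try {
                # -DnsOnly skips LLMNR/NetBIOS and -NoHostsFile skips the hosts file,
                # so the result reflects only what this DNS server holds.
                $answer = @(Resolve-DnsName -Name $name -Type A -Server $server `
                                -DnsOnly -NoHostsFile -ErrorAction Stop |
                            Where-Object { $_.Type -eq 'A' } |
                            ForEach-Object { $_.IPAddress })
                if ($answer -notcontains $Expected[$name]) { $status = 'WRONG ADDRESS' }
                elseif ($answer.Count -gt 1)               { $status = 'EXTRA RECORDS' }
            }
            catch {
                # Timeouts and NXDOMAIN land here; both block AD-integrated replication.
                $status = "LOOKUP FAILED: $($_.Exception.Message)"
            }
            [pscustomobject]@{
                Server   = $server
                Name     = $name
                Expected = $Expected[$name]
                Returned = $answer -join ', '
                Status   = $status
            }
        }
    }
}

Test-DcNameResolution -Expected $ExpectedDCs | Format-Table -AutoSize
```

Any row whose Status is not `OK` identifies the server holding the stale or missing address record that needs correcting by hand.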
 
C Hall

AD Integrated is correct. What will happen is any changes/additions in DNS
will be replicated with AD changes. Here's a couple of documents to check
your AD/DNS setup (this is for w2k):

How to verify an Active Directory Installation:
http://support.microsoft.com/default.aspx?scid=kb;en-us;298143

Troubleshooting Common Active Directory Setup Issues in Windows 2000:
http://support.microsoft.com/default.aspx?scid=kb;en-us;260371

Setting Up the Domain Name System for Active Directory:
http://support.microsoft.com/default.aspx?scid=kb;en-us;237675

Active Directory Operations Overview: Troubleshooting Active Directory
Replication Problems:
http://www.microsoft.com/technet/pr...irectory/maintain/opsguide/part1/adogd12.mspx

I've found the above documents to be very helpful. One thing I learned (the
hard way) was to NOT put any other DNS server IP addresses in the server's
TCP/IP configuration. Instead, use forwarders. I can't seem to put my finger
on the article on setting up dns forwarders....

HTH,
Chris
 
Enkidu

C Hall said:
AD Integrated is correct. What will happen is any changes/additions in DNS
will be replicated with AD changes. Here's a couple of documents to check
your AD/DNS setup (this is for w2k):

Um, "correct"? In this case AD Integrated may well be the best option,
but if you mean that you should always use AD integration, I'd
disagree. It's likely I misunderstood you, though.

Cheers,

Cliff
 
Enkidu

MEI said:
I have two machines at separate sites, both domain controllers. I am getting
all kinds of synching problems during replication. I have set both servers
to be DNS, both by default configured themselves on the correct domain
(company.com) as Active Directory Integrated. Is this correct or should only
one site be Active Directory Integrated and the second site then be a
'secondary' dns?
Thanks!

It's not likely that the sync problems are due to AD Integrated DNS.

Cheers,

Cliff
 
C Hall

Hi Cliff,

I cut short my reply...I wouldn't think running both AD Integrated & a
'secondary' dns would be a 'proper' solution. Question: outside of
situations where there is a mixed network (Unix & Netware with Windows),
what other situation would you use primary/secondary zones over AD
Integrated zones?
 
Enkidu

If the DNS server runs on a member server. If the DNS server is not
Microsoft. During a migration, during a recovery, if you need the
physical zone files for some reason. To reduce replication load on the
DCs.

In my own migration I installed DNS on Win2000 member servers in an NT
domain, then upgraded the PDC to an AD DC. That worked happily for
about 6 months before I integrated them. There's no huge advantage in
running AD integrated for a smallish shop. In a large shop AD
integrated means one less thing to worry about.

Cheers,

Cliff
 
C Hall

Thanks for the info.

Enkidu said:
If the DNS server runs on a member server. If the DNS server is not
Microsoft. During a migration, during a recovery, if you need the
physical zone files for some reason. To reduce replication load on the
DCs.

In my own migration I installed DNS on Win2000 member servers in an NT
domain, then upgraded the PDC to an AD DC. That worked happily for
about 6 months before I integrated them. There's no huge advantage in
running AD integrated for a smallish shop. In a large shop AD
integrated means one less thing to worry about.

Cheers,

Cliff
 
