Secondary DNS changes to Primary on restart


  • Secondary DNS changes to Primary on restart

    Hello everyone! Let me give you a little info on my current setup.

    I have 2 DNS servers in my 250+ user environment. One of the servers is running Windows Server 2003; it is also the first DC in the domain. I also have a Windows 2000 Server that is the second DC. The oddity that I have happening is this.

    When I reboot the W2k DNS server the DNS zone goes from Secondary to Primary Active Directory Integrated. We even discovered that it also occurs if you stop and start the DNS service.

    I have found only one article that addresses this issue:
    http://www.jsifaq.com/SUBK/tip5300/rh5312.htm

    But the proposed fix seems not to apply to my situation (or I don't fully understand what I am looking for).

    To give you more info on what other tasks these systems do:

    Windows Server 2003
    DNS server
    DC
    Certificate Server
    File Server

    Windows 2000 Server
    DNS Server
    DC
    Backup Server
    Terminal Services Licensing Server

    Thanks in advance for any help

    Micah

  • #2
    I think I can follow what is happening... but first a question. Why do you want a secondary zone?


    • #3
      I don't want a secondary zone. I want a secondary server in the same zone. Maybe the way I explained it is incorrect.

      I have a primary (AD integrated) and a secondary DNS server using the primary AD integrated server as its master server. When the secondary DNS server is rebooted or if the DNS server service is restarted, it goes from being a secondary server to being a Primary AD integrated server. It does allow me to change it back though.

      Does that make it more clear?
      Thanks
      Micah


      • #4
        Originally posted by Bacchus
        I don't want a secondary zone. I want a secondary server in the same zone. Maybe the way I explained it is incorrect.

        I have a primary (AD integrated) and a secondary DNS server using the primary AD integrated server as its master server. When the secondary DNS server is rebooted or if the DNS server service is restarted, it goes from being a secondary server to being a Primary AD integrated server. It does allow me to change it back though.

        Does that make it more clear?
        Thanks
        Micah
        I think you are not making any sense.
        This post is different from the other.
        Are you talking about "SOA" or TYPE of ZONES?
        The link is about TYPE of ZONES and your post description talks about SOA.
        Your Master DNS server changes to slave DNS server...
        You have both AD integrated zones, and when you start your DNS service on the w2k then the SOA will be on the w2k and no longer on the w2k3. Is that right? If that is your problem then forget the link.
        MCSE w2k
        MCSA w2k - MCSA w2k MESSAGING
        MCDBA SQL2k


        • #5
          Bacchus,

          you make perfect sense. A confusion of terminology, that's all. With AD integrated zones you have no secondaries. All zones on all DC's are writeable. It's similar to not having BDC's anymore with Active Directory.

          Go to the w2003 server, and make sure the replication scope of the zones is: all DC's in the domain. Do that, and the w2000 server will pick them up automatically. You will need to remove any 'bogus' zones from the w2000 server first.


          • #6
            Wkasdo,

            Thanks so much for your response. Just so I am understanding you: I went on my W2k server and removed all the zone files associated with it. I verified that the W2k3 server was configured to replicate to all DCs (3rd option). Am I to assume that when replication occurs that the W2k server will populate with all the DNS records?

            Basically there is nothing I have to do beyond installing DNS on the W2K server? I don't have to add a zone and make the zone a secondary to the W2k3 server, right?

            Thanks
            Bacchus


            • #7
              Originally posted by windux

              I think you are not making any sense.
              This post is different from the other.
              Are you talking about "SOA" or TYPE of ZONES?
              The link is about TYPE of ZONES and your post description talks about SOA.
              Your Master DNS server changes to slave DNS server...
              You have both AD integrated zones, and when you start your DNS service on the w2k then the SOA will be on the w2k and no longer on the w2k3. Is that right? If that is your problem then forget the link.
              That's what I thought! When I read the information in that link I got more confused because it seemed like it did not pertain to my situation.

              This is how I set up my DNS.
              Server 1 (Windows server 2003) and Server 2 (Windows 2000 Server)

              I installed DNS server on server 1 and created a new zone file called salco1.net. I made it an AD integrated zone.

              I went to Server 2 and installed DNS server and created a new zone called salco1.net and set that zone to be a secondary and pointed it to server 1 as the master.

              As long as I don't restart server 2 everything seems to be working fine. As soon as I reboot server 2 the zone goes from being a secondary to being an AD integrated Primary zone. That's when the problems start.


              Thanks
              Bacchus


              • #8
                Replication does not come into play with ADI zones. The information is stored in AD and so any DNS server automatically has access to this information.

                Any zone information is updated along with standard AD replication, which in a single-site environment is pretty much instant.

                As wkasdo says, all are "masters" and can write info to the zone. If one fails the other still just continues to serve, providing you've set up your clients to use the 2nd DNS server as well as the first.

                topper.
                * Shamelessly mentioning "Don't forget to add reputation!"


                • #9
                  I could kiss you all!

                  So just for final clarification, I just have to have the DNS server installed on my 2nd DC for it to handle DNS requests. I don't have to add a zone or anything, correct?


                  • #10
                    Originally posted by Bacchus
                    I could kiss you all!

                    So just for final clarification, I just have to have the DNS server installed on my 2nd DC for it to handle DNS requests. I don't have to add a zone or anything, correct?
                    If you do that then you will have one DNS server Caching Only - no zones at all stored on the server.
                    When DNS server is installed it is automatically configured to act as a caching-only server.
                    When DNS server zone data is stored in AD all DNS servers become peers.
                    You need to create this zone as well for load balancing performance and fault tolerance.
                    Two servers with AD integrated zones.
                    MCSE w2k
                    MCSA w2k - MCSA w2k MESSAGING
                    MCDBA SQL2k


                    • #11
                      Okay, so what I have done is this.

                      I have 2 forward lookup zones.

                      salco1.net
                      _msdcs.salco1.net

                      Both are running as AD integrated primary zones.

                      I have this configured the same way on both servers. That is correct, right?

                      Another question, which may deserve a separate thread:

                      The SOA for both of my servers is itself. Meaning server1's SOA is server1 and server2's SOA is server2. Shouldn't there only be one SOA per domain?


                      • #12
                        You only need to create one zone on each server.


                        See this link for info about dns:

                        http://www.microsoft.com/technet/pro...57a880db1.mspx

                        And this for DNS zone creation:


                        http://support.microsoft.com/default...en-us;323445#2
                        OR this one

                        http://www.microsoft.com/technet/pro...57a880db1.mspx

                        MCSE w2k
                        MCSA w2k - MCSA w2k MESSAGING
                        MCDBA SQL2k


                        • #13
                          Okay, I'll tell you what I did. I configured both servers to be ADI zones (both salco1.net and _msdcs.salco1.net). Also the SOA for both servers should be itself. I configured both servers to point to itself as the primary DNS server too. I ran dnslint /ad server1 /s server1 and all the issues were resolved. Thanks for all your help guys! I really appreciate it.

                          Also, the _msdcs.<domain> is necessary, so I did have to create 2 zones (technically). It is usually there automatically btw.


                          • #14
                            Originally posted by windux
                            Originally posted by Bacchus
                            I could kiss you all!

                            So just for final clarification, I just have to have the DNS server installed on my 2nd DC for it to handle DNS requests. I don't have to add a zone or anything, correct?
                            If you do that then you will have one DNS server Caching Only - no zones at all stored on the server.
                            When DNS server is installed it is automatically configured to act as a caching-only server.
                            When DNS server zone data is stored in AD all DNS servers become peers.
                            You need to create this zone as well for load balancing performance and fault tolerance.
                            Two servers with AD integrated zones.
                            Maybe your intention is correct, but you say it wrong. You create the zone only ONCE, as AD integrated. On a second DNS server you DO NOT create the zone. It will replicate in by itself using AD. It will NOT be just a caching server, it will host the zones and serve data from them.

                            Bacchus's statement is correct. From his posts, I think he got it right in the end. All is well that ends well...


                            • #15
                              Originally posted by wkasdo
                              Originally posted by windux
                              Originally posted by Bacchus
                              I could kiss you all!

                              So just for final clarification, I just have to have the DNS server installed on my 2nd DC for it to handle DNS requests. I don't have to add a zone or anything, correct?
                              If you do that then you will have one DNS server Caching Only - no zones at all stored on the server.
                              When DNS server is installed it is automatically configured to act as a caching-only server.
                              When DNS server zone data is stored in AD all DNS servers become peers.
                              You need to create this zone as well for load balancing performance and fault tolerance.
                              Two servers with AD integrated zones.
                              Maybe your intention is correct, but you say it wrong. You create the zone only ONCE, as AD integrated. On a second DNS server you DO NOT create the zone. It will replicate in by itself using AD. It will NOT be just a caching server, it will host the zones and serve data from them.

                              Bacchus's statement is correct. From his posts, I think he got it right in the end. All is well that ends well...
                              You create one domain and the DNS will be stored on the first DC with one ADI zone.

                              If you promote another DC and install DNS server on it you will never have any kind of zone. That server will forever be a caching-only server. That is what I am talking about.

                              "DNS servers running on domain controllers can store their zones in Active Directory. In this way, it is not necessary to configure a separate DNS replication topology that uses ordinary DNS zone transfers, because all zone data is replicated automatically by means of Active Directory replication. This simplifies the process of deploying DNS, BUT YOU NEED to create the zone."

                              See here:

                              http://www.microsoft.com/technet/pro...7e8a15c0a.mspx

                              http://www.microsoft.com/technet/pro...8fc03eba7.mspx
                              MCSE w2k
                              MCSA w2k - MCSA w2k MESSAGING
                              MCDBA SQL2k
