Announcement

Collapse
No announcement yet.

How to remove (secondary) DNS information

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • How to remove (secondary) DNS information

    Hi, folks

    I have a small single W2k3 domain with two DC's. Both are running W2k3.

    One has all the FSMO roles and is the primary DNS server, DHCP etc.

    The second one has a secondary DNS server installed.

    Last week I demoted the second DC. This removed the secondary DNS server. I then removed it from the domain completely.

    Today I have installed an additional DC - a W2k8 server. When I ran dcpromo and selected the option to install DNS it reported that there were two registered DNS servers available in the domain. I unchecked the option to install DNS and the promotion was fine.

    I want to install a secondary DNS server on the W2k8 DC, and can't see any reason why it would not work. However, I only want to do this once I am sure that all references to the original secondary have been removed.

    Does anyone know how I can do that, please?

    I can't see any option to check for the existence/references to a secondary DNS server.

    There's no problem with the clients as the secondary DNS settings were removed from DHCP options several days before the second DC was demoted. I just need to know where to look so that I can remove these references to a now non-existent computer.

    Thanks
    A recent poll suggests that 6 out of 7 dwarfs are not happy

  • #2
    Re: How to remove (secondary) DNS information

    does your dhcp scope reference two DNS Servers?
    or do you have 2 NS records in your dns console ?
    Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

    Comment


    • #3
      Re: How to remove (secondary) DNS information

      Are you sure about that error? You should be able to install as many DNS servers you want.

      Also, running dcpromo to demote a server does not remove the DNS server role. It will remove the DNS zone if it's an AD integrated zone but other than that the dcpromo shouldn't affect the DNS server.

      Can you post the exact error you're getting?
      Regards,
      Jeremy

      Network Consultant/Engineer
      Baltimore - Washington area and beyond
      www.gma-cpa.com

      Comment


      • #4
        Re: How to remove (secondary) DNS information

        Thanks a lot for your replies.

        There was no error, and now that I've successfully run dcpromo I'm reluctant to demote, then promote the W2k8 server again.

        When I demoted the second W2k3 DC that hosted the secondary server I just ran dcpromo and followed the prompts. I spent quite some time trying to find out best practice for retiring a secondary DNS server and everything I read suggested that dcpromo would take care of it.

        After the secondary server was demoted, and before I removed it from the domain I opened DNS on it and checked to see what it contained. It was completely empty. Previously, it had mirrored the same information on the primary server. Great, I thought. So, I made it a member of a workgroup, then checked ADUC on the remaining DC. The record for the server in the domain controllers node was gone. In the computers node a record with a red X exists for it.

        When I ran dcpromo on the W2k8 server and received the message about there being 2 DNS servers in the domain I thought it best to investigate this before creating a secondary DNS server on the W2k8 DC.

        I checked the DNS server on the DC and there is no trace of the demoted server there. Also, WINS records for the demoted server are all 'released'.

        So, it was not an error message, just an informational message that I was not expecting. I have had things go wrong in the past when I have ignored stuff like this, so I spent some time trying to find out how you can identify the existence of a secondary DNS server in a domain and where that information is.

        Because the DNS server did not contain any records, and because it had been demoted and then removed from the domain, I thought I could safely remove the computer from the network. It's now been destroyed.

        The DHCP scope settings reference just one DNS server. I removed the additional reference to the secondary server several days before I demoted the machine.
        A recent poll suggests that 6 out of 7 dwarfs are not happy

        Comment


        • #5
          Re: How to remove (secondary) DNS information

          Originally posted by Blood View Post
          I spent quite some time trying to find out best practice for retiring a secondary DNS server and everything I read suggested that dcpromo would take care of it.
          dcpromo will only take care of it if it's an AD integrated zone which by default they are. But even if the zone is "taken care of" the DNS server service is still installed and running on the computer and it will still try and resolve DNS queries. So chances are the zone was removed from the server. But this isn't a big deal. If you ran dcpromo to demote the server and didn't get any errors then you're looking good.


          Originally posted by Blood View Post
          After the secondary server was demoted, and before I removed it from the domain I opened DNS on it and checked to see what it contained. It was completely empty. Previously, it had mirrored the same information on the primary server. Great, I thought. So, I made it a member of a workgroup, then checked ADUC on the remaining DC. The record for the server in the domain controllers node was gone. In the computers node a record with a red X exists for it.
          All this sounds good. I'm sure, from what describe, it was an AD integrated zone (not a secondary zone).

          Once you remove a domain controller, after you demote it you need to clean up DNS by removing any reference to the demoted domain controller.

          Originally posted by Blood View Post
          When I ran dcpromo on the W2k8 server and received the message about there being 2 DNS servers in the domain I thought it best to investigate this before creating a secondary DNS server on the W2k8 DC.

          I checked the DNS server on the DC and there is no trace of the demoted server there. Also, WINS records for the demoted server are all 'released'.
          Was this the message you got?
          Click image for larger version

Name:	DNS_info.png
Views:	1
Size:	19.8 KB
ID:	464398

          If so then that means there is a left over NS record from the old domain controller. You can safely remove it (and any other reference to the old domain controller from DNS).

          Originally posted by Blood View Post
          So, it was not an error message, just an informational message that I was not expecting. I have had things go wrong in the past when I have ignored stuff like this, so I spent some time trying to find out how you can identify the existence of a secondary DNS server in a domain and where that information is.

          Because the DNS server did not contain any records, and because it had been demoted and then removed from the domain, I thought I could safely remove the computer from the network. It's now been destroyed.

          The DHCP scope settings reference just one DNS server. I removed the additional reference to the secondary server several days before I demoted the machine.
          OK, all that sounds fine.

          The only steps left to do is clean up any references to the old DC in DNS, install the DNS server role on the 2008 DC, and then add the new DNS server to the DHCP scope options.
          Last edited by JeremyW; 27th April 2010, 00:58.
          Regards,
          Jeremy

          Network Consultant/Engineer
          Baltimore - Washington area and beyond
          www.gma-cpa.com

          Comment


          • #6
            Re: How to remove (secondary) DNS information

            Hi, JeremyW

            Thanks for such a comprehensive response.

            Yes - I'm sure that is the message I received. When I get to work I will look more carefully at the DNS records and see if I can spot the NS record. I had gone through every node in the DNS console, but perhaps I did not look hard enough.

            When I installed DNS on the second DC, I was certain I installed it as a secondary. However, as one gets older, the memory becomes hazier...

            Thanks again for your help.
            A recent poll suggests that 6 out of 7 dwarfs are not happy

            Comment


            • #7
              Re: How to remove (secondary) DNS information

              I must be blind.

              There were several NS records relating to the demoted DC. They have now been removed.

              Thanks for the help.
              A recent poll suggests that 6 out of 7 dwarfs are not happy

              Comment


              • #8
                Re: How to remove (secondary) DNS information

                Glad to help.
                Regards,
                Jeremy

                Network Consultant/Engineer
                Baltimore - Washington area and beyond
                www.gma-cpa.com

                Comment

                Working...
                X