I have recently taken over a new client in a Windows Server 2003 domain environment. The only issue I see with the setup is that the second domain controller's DNS entries might be wrong, hence why I am posting here. Here is the network setup.
- two domain controllers
- Domain controllers are DC1 and DC2
both Domain Controllers are Active Directory Integrated and have their DNS AD integrated too.
DC1 DNS settings
dns1: points to itself so DC1, dns2: points to nothing, it is blank?
- DC2 DNS settings
dns1: points to main domain controller with the fsmo roles so DC1, dns2: points to itself so DC2
I have always set the DNS entries of domain controllers to themselves for the first DNS entry and to the other domain controller for the second entry. If it were me doing this for the client, my settings would look like this:
DC1
dns1 points to DC1, dns2 points to DC2
DC2
dns1 points to itself so DC2, dns2 points to DC1
I thought that Server 2003 addressed the issue with DNS island that used to happen to domain controllers in Windows Server 2000 environments?
Answer
Yeah, you're dead on; best practice is to point each DC to itself (127.0.0.1) as primary, and the other DC as secondary.
Along the same lines, you may want to make sure that the zones are being replicated using the new (well, old, but newer than 2000) directory partitions; make sure that the replication method is set to "All DNS Servers in Domain/Forest", not the 2000-compat mode of "All DCs".
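The settings from the answer, applied and checked from a command prompt on DC2, as an added example that is not part of the original question or answer. The interface name "Local Area Connection", the address 192.0.2.11 for DC1 and the zone name example.local are placeholders, and dnscmd comes from the Windows Server 2003 Support Tools.

```batch
rem Added example; run on DC2. Interface name, IP address and zone name
rem below are placeholders, not values from the original post.

rem Primary DNS: the DC itself (loopback), as the answer recommends.
netsh interface ip set dns name="Local Area Connection" source=static addr=127.0.0.1 register=primary

rem Secondary DNS: the other domain controller (DC1, placeholder address).
netsh interface ip add dns name="Local Area Connection" addr=192.0.2.11 index=2

rem Confirm the resulting resolver order on this DC.
ipconfig /all

rem Show the zone's current settings, including its replication scope.
dnscmd DC2 /ZoneInfo example.local

rem Move the zone from the Windows 2000 compatible scope (all DCs in the
rem domain) to the DomainDnsZones application partition (all DNS servers
rem in the domain). Use /forest instead for all DNS servers in the forest.
dnscmd DC2 /ZoneChangeDirectoryPartition example.local /domain
```

On DC1 the same commands apply with DC2's address as the secondary entry.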