How to add a Secondary DNS server with AD Integrated Zones

Author: NetworkAdminKB.com
Created: 2010-01-18
Modified: 2010-02-06

Issue:

A common problem administrators run into is configuring a second domain controller (DC) to act as the secondary DNS server for an Active Directory domain.

 

Cause:

The most common cause is performing the steps out of order, or performing unneeded actions (for example, configuring DNS zones by hand on the new server before it is promoted) that cause problems later.

 

Solution:

Use the following procedure to add a second DC and then configure it as the secondary DNS server for the domain.

 

1)      On the Secondary DC / DNS Server

a.       Install the OS for the secondary DC

b.      Install the DNS Server role

         i.      Do not configure it. Create no zones by hand; the AD-integrated zones will be replicated in later.

c.       Assign a static IP address

         i.      In the TCP/IP settings, configure the DNS server entry to point to the Primary DNS server.

d.      Run DCPromo

         i.      Add a new domain controller to the existing domain

e.       Reboot

         i.      Wait for the server to come up fully before continuing.

2)      On the Primary DC / DNS Server

a.       Use Active Directory Sites and Services to force replication between the DCs. Select Replicate Now (screen shot) for all DCs in the

 

 

3)      On the Secondary DC / DNS Server

 

a.       The AD-integrated DNS zones will be created automatically once AD replication delivers them. If they do not appear, restart the DNS Server service periodically until they do.

 

b.      Do not continue until the DNS zones appear. This can take 15-30 minutes or more depending on the number of DNS zones.

 

4)      On the Primary DC / DNS Server

 

a.       In its TCP/IP settings, configure its primary (preferred) DNS server entry to be the IP address of the secondary DNS server.

 

b.      Configure its secondary (alternate) DNS server entry to point to its own static IP address.

 

5)      On the Secondary DC / DNS Server

 

a.       In its TCP/IP settings, configure its primary (preferred) DNS server entry to be the IP address of the primary DNS server.

 

b.      Configure its secondary (alternate) DNS server entry to point to its own static IP address.
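Steps 2 through 5 above, plus the check the article only implies (each DC must be able to resolve the other's host record from both DNS servers), as an added PowerShell example that is not part of the original article. It assumes Windows Server 2012 or later (the DnsClient and DnsServer modules and repadmin are present), an elevated Domain Admin session on the DC it runs on, and that the interface alias, IP addresses, FQDN and zone name shown are constructed placeholders to replace with your own. Run it on the secondary DC after DCPromo has finished and the server has rebooted, then again on the primary DC with the two IP parameters swapped. It also prints the forwarder list separately from the client setting, since the two are easily confused.

```powershell
<#
  Added example (not from the original article): post-promotion DNS client
  configuration and verification for a pair of AD-integrated DNS servers.
  Run on EACH domain controller, swapping -SelfIp / -PartnerIp.
  Assumptions: Windows Server 2012 or later (DnsClient, DnsServer modules and
  repadmin present); elevated PowerShell as a Domain Admin.
  Every IP address, name and the interface alias below is a constructed value.
#>
param(
    [string]$InterfaceAlias = 'Ethernet',             # assumed NIC name on this DC
    [string]$SelfIp         = '10.0.0.10',            # constructed: this DC's static IP
    [string]$PartnerIp      = '10.0.0.11',            # constructed: the other DC's static IP
    [string]$PartnerFqdn    = 'dc2.corp.example.com', # constructed: the other DC's FQDN
    [string]$DomainZone     = 'corp.example.com',     # constructed: AD domain DNS zone
    [int]$WaitMinutes       = 30                      # article: zones can take 15-30+ min
)

$selfFqdn = "$env:COMPUTERNAME.$DomainZone"

# Steps 4/5: this is the DNS *client* (TCP/IP) setting, not the forwarder list.
# Preferred = the partner DC, alternate = this server itself.
Set-DnsClientServerAddress -InterfaceAlias $InterfaceAlias -ServerAddresses @($PartnerIp, $SelfIp)

# Forwarders are a separate, server-side setting and should stay pointed at
# external resolvers (e.g. the ISP). Show them here, do not change them.
Write-Host "Forwarders on $env:COMPUTERNAME :" ((Get-DnsServerForwarder).IPAddress -join ', ')

# Step 2: force AD replication with all partners (AD-integrated zones live in AD).
repadmin /syncall /AdeP | Out-Null

# Step 3: wait until the domain zone is present as AD-integrated on this server,
# restarting the DNS Server service between checks as the article suggests.
$deadline = (Get-Date).AddMinutes($WaitMinutes)
$zone = $null
do {
    $zone = Get-DnsServerZone -Name $DomainZone -ErrorAction SilentlyContinue
    if ($zone -and $zone.IsDsIntegrated) { break }
    Write-Host "Zone $DomainZone not present yet; restarting DNS and waiting..."
    Restart-Service -Name DNS
    Start-Sleep -Seconds 120
} while ((Get-Date) -lt $deadline)
if (-not ($zone -and $zone.IsDsIntegrated)) {
    throw "AD-integrated zone $DomainZone did not replicate to $env:COMPUTERNAME within $WaitMinutes minutes"
}

# Make this DC (re)register its A and SRV records with its preferred DNS server,
# which is now the partner: this is what lets the two DCs resolve each other.
ipconfig /registerdns | Out-Null
Start-Sleep -Seconds 15

# Verification: both DCs' host records, and the domain's LDAP SRV record,
# must be resolvable from BOTH DNS servers before replication can be trusted.
$failed = $false
foreach ($server in @($SelfIp, $PartnerIp)) {
    foreach ($name in @($selfFqdn, $PartnerFqdn)) {
        $a = Resolve-DnsName -Name $name -Type A -Server $server -ErrorAction SilentlyContinue
        if ($a) { Write-Host "OK   $server resolves $name -> $($a.IPAddress -join ', ')" }
        else    { Write-Warning "FAIL $server cannot resolve $name"; $failed = $true }
    }
    $srv = Resolve-DnsName -Name "_ldap._tcp.$DomainZone" -Type SRV -Server $server -ErrorAction SilentlyContinue
    if ($srv) { Write-Host "OK   $server returns $(@($srv).Count) LDAP SRV record(s)" }
    else      { Write-Warning "FAIL $server has no _ldap._tcp SRV records"; $failed = $true }
}

if ($failed) { throw 'DNS cross-registration incomplete; do not proceed until both DCs resolve on both servers' }
Write-Host 'Both DCs resolve on both DNS servers; replication prerequisites are satisfied.'
```

The order matters for the same reason the article gives: the zone check runs before the re-registration, because a DC registering against a partner that does not yet hold the AD-integrated zone only creates records the other server will never see. The final loop is the test that both DNS servers hold host records for both DCs, which is the condition the comments below describe as required for replication to work.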


Article ID: 234, Created On: 9/18/2011, Modified: 9/18/2011

Comments (1)

Nowayandnohow

On step #4 you say "Configure its primary DNS server to be the IP Address of the secondary DNS server".

So you want my forwarder to point to the secondary DC, and the secondary DC to point to the main DC?

That makes no sense?

I currently have the main DNS pointing the forwarders to the DNS of the ISP?

11/7/2011 at 4:17 PM
KBAdmin

You're confusing DNS forwarders with DNS client lookups, and you're misunderstanding the intention of the steps.

On the primary DC/DNS Server, configure the primary DNS server in the TCP/IP properties to the IP address of the secondary DNS Server, and vice versa.

This configures only the DNS Client, and not the DNS Forwarders.

All DNS clients (even ones on DNS servers) should always point to internal DNS servers and never external DNS servers. The Forwarders tab of the DNS servers should be configured with external ISP DNS servers.

Ultimately, what is happening here is the servers are being forced to register DNS records with each other. This is needed to make sure each DC can initially resolve both host names via DNS. Without both hosts registering with each other's DNS server replication will fail because each DNS server only has DNS Host records for itself.

11/14/2011 at 12:04 AM