LOL ... I had oodles of free time waiting for a ridiculously delayed call to take place.
Re: the test environment, I'd agree that your suggestion would indeed work with such a limited number of DCs but I find myself asking the question "what exactly is the test forest for?" ... a) to learn how to circumvent best-practice in test environments :) or b) to learn how to better structure and implement a roughly comparable enterprise environment ... my responses were based on the latter but I'm guessing you'd picked up on that. Seriously, your point is well taken and there are faster approaches than that (some of which I've proven against production environments in order to v. quickly recover from catastrophic failure) but since the default DNS structure created by 2K3's DCpromo will suffice for a 2 DC, 2 domain test forest (and larger), I (uh oh!) assumed that the poster's goal exceeded merely that of a functioning end result. -- Dean Wells MSEtechnology * Email: [EMAIL PROTECTED] http://msetechnology.com -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Grillenmeier, Guido Sent: Tuesday, April 19, 2005 3:26 PM To: [email protected]; Send - AD mailing list Subject: RE: [ActiveDir] Installing DNS in Child Domain hey Dean - I see you're on a DNS trip today ;-)) 10 posts on this thread by Dean - must be a record... aren't we forgetting that this is a test-environment? I'd just blow away the child's DNS subzone on in the root DC's DNS config and then create a delegation for the child.test.com zone for the child DC. Then create the child.test.com DNS zone on the child DC, point the DC to use itself as a DNS server and then re-register all records on this server (restart netlogon). Agreed that the process would be slightly differnet for a "live" environemnt with many other DNS records data in it. /Guido -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean Wells Sent: Dienstag, 19. April 2005 17:57 To: Send - AD mailing list Subject: RE: [ActiveDir] Installing DNS in Child Domain If only one record exists, you have encountered the known-bug I mentioned earlier. To resolve this issue, temporarily configure the forest root DNS zone to allow both secure and insecure update, on the child DC, ensure its preferred resolver still points to the root DC, run a command shell and enter "ipconfig /registerdns". Return to the root DC and refresh the zone content, you should now see a second A record named after the child DC itself, if so - reset the zone to secure updates. Up until now, your 2 DCs have not been replicating, to accelerate the convergence time, copy and paste the following verbatim in a command shell on each DC (requires Support Tools installed) - 1) ipconfig /flushdns 2) net stop netlogon & net start netlogon 3) for /l %a in (1,1,25) do repadmin /kcc & repadmin /syncall & repadmin /syncall /P NOTE - I DO NOT recommend the use of the 'for in do' loop above in a large enterprise. Run AD Sites and Services and verify that replication is now succeeding. Do you still want to distribute your DNS namespace per your original post? -- Dean Wells MSEtechnology * Email: [EMAIL PROTECTED] http://msetechnology.com -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Manjeet Singh Sent: Tuesday, April 19, 2005 11:22 AM To: [email protected] Subject: RE: [ActiveDir] Installing DNS in Child Domain Hi, Yes, your summary is absolutely correct. No I did not create any structure manually; all were created automatically during first DC promotion. Now when I see the A host record under child.test.com, there is only one record 'same as parent'. Thanks, Manjeet -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean Wells Sent: Tuesday, April 19, 2005 8:12 PM To: Send - AD mailing list Subject: RE: [ActiveDir] Installing DNS in Child Domain I'm working on the premise that at present all DCs and members resolve against a single DNS server running on the DC in the forest root that was created during the promotion of the very first DC. You've since promoted a new DC and created a child domain named child.test.com. This DC also resolves against the DNS server running on the DC in the root domain. Is that summary accurate? Have you altered the default configuration created by DCpromo in anyway or did you create the current DNS structure manually? Does the A record for the child DC exist, this is a known bug that would cause anything we do from this point (excluding the use of BIND zone files) to fail - - expand the zone on the root DNS server - locate the entry 'child.test'com' - two A (host) records should exist, one named after the DC itself the other, 'same as parent' Once we have this information, the steps to distribute your DNS namespace become relatively simple. -- Dean Wells MSEtechnology * Email: [EMAIL PROTECTED] http://msetechnology.com -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Manjeet Singh Sent: Tuesday, April 19, 2005 10:02 AM To: [email protected] Subject: RE: [ActiveDir] Installing DNS in Child Domain Hi, I am using windows 2003 standard edition. This might be the requirement when you have distributed domain model. Say Root and child domain are in separate remote location. So reduce the traffic I need to have separate DNS on my child domain controller. So do I configure DNS on preinstall Child domain controller ? Manjeet -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean Wells Sent: Tuesday, April 19, 2005 7:24 PM To: Send - AD mailing list Subject: RE: [ActiveDir] Installing DNS in Child Domain Windows offers no automated solution for this type of restructuring, the premise being that any organization with a need for a more distributed DNS infrastructure needs 1) the technical staffing sufficient to create it and 2) same said staffing to support it. Before making any recommendations as to the direction you should take, can I ask on what version/flavour of Windows you're building this lab environment? -- Dean Wells MSEtechnology * Email: [EMAIL PROTECTED] http://msetechnology.com -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Manjeet Singh Sent: Tuesday, April 19, 2005 9:11 AM To: [email protected] Subject: [ActiveDir] Installing DNS in Child Domain Hi, I have installed a root domain controller "test.com". Then I have installed a child domain controller: child.test.com" with primary DNS as test.com. So a zone child.test.com automatically added in my test.com DNS. I want to install a separate DNS for child domain, and want to set child as primary DNS and root as secondary DNS. To do that I Installed DNS service on my child domain controller. So what is the best way to install the DNS on child domain? Do I do a ZONE transfer by delegation or some other easy process? Thanks, manjeet List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
