Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Active Directory » Re do DNS Possible
Re do DNS Possible [message #345355] Tue, 15 December 2009 20:49 Go to next message
MSNews  is currently offline MSNews  United States
Messages: 135
Registered: September 2009
Senior Member
We have an old setup with 3 AD Windows2003 DC servers. Each has non
integrated dns that loads from file.
The previous admin said it was a leftover from the old NT days and he never
bothered to change to AD integrated because "it works now" Is there a good
reason to not go AD integrated? is it worth the time? will I need to
remove all current DNS and start over? Just planning my time for next
year...

Thanks

Carlo D
Re: Re do DNS Possible [message #345448 is a reply to message #345355] Wed, 16 December 2009 00:47 Go to previous messageGo to next message
meiweb  is currently offline meiweb  Germany
Messages: 2225
Registered: September 2009
Senior Member
Hello MrC,

I see nothing against it. We use it always this way. One advantage is, that
if all DCs are also DNS servers replication goes automatically to all of
them during normal replication interval. And changing to AD integrated zones
is really easy.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> We have an old setup with 3 AD Windows2003 DC servers. Each has non
> integrated dns that loads from file.
> The previous admin said it was a leftover from the old NT days and he
> never
> bothered to change to AD integrated because "it works now" Is there
> a good
> reason to not go AD integrated? is it worth the time? will I need
> to
> remove all current DNS and start over? Just planning my time for
> next
> year...
> Thanks
>
> Carlo D
>
Re: Re do DNS Possible [message #345564 is a reply to message #345448] Wed, 16 December 2009 06:26 Go to previous messageGo to next message
pbbergs  is currently offline pbbergs  United States
Messages: 1024
Registered: July 2009
Senior Member
If you have three primary dns servers (Sounds like from your description)
then you need to immediately correct this. You should have one primary and
the rest secondary. If you already have primary and secondary then change
the primary to AD integrated first and then switch the others over to AD
integrated after the primary the is switched. With AD integrated you get a
more secure dns infrastructure.

--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
Microsoft's Thrive IT Pro of the Month - June 2009

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup This
posting is provided "AS IS" with no warranties, and confers no rights.

"Meinolf Weber [MVP-DS]" <meiweb@(nospam)gmx.de> wrote in message
news:6cb2911db1308cc4c4396fa14b4@msnews.microsoft.com...
> Hello MrC,
>
> I see nothing against it. We use it always this way. One advantage is,
> that if all DCs are also DNS servers replication goes automatically to all
> of them during normal replication interval. And changing to AD integrated
> zones is really easy.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and
> confers no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
>> We have an old setup with 3 AD Windows2003 DC servers. Each has non
>> integrated dns that loads from file.
>> The previous admin said it was a leftover from the old NT days and he
>> never
>> bothered to change to AD integrated because "it works now" Is there
>> a good
>> reason to not go AD integrated? is it worth the time? will I need
>> to
>> remove all current DNS and start over? Just planning my time for
>> next
>> year...
>> Thanks
>>
>> Carlo D
>>
>
>
Re: Re do DNS Possible [message #345663 is a reply to message #345564] Wed, 16 December 2009 08:32 Go to previous messageGo to next message
MSNews  is currently offline MSNews  United States
Messages: 135
Registered: September 2009
Senior Member
Update..sorry not clear.. 1 primary 2 secondary.

"Paul Bergson [MVP-DS]" <pbbergs@no_spammsn.com> wrote in message
news:uAlQfNlfKHA.1112@TK2MSFTNGP04.phx.gbl...
> If you have three primary dns servers (Sounds like from your description)
> then you need to immediately correct this. You should have one primary
> and the rest secondary. If you already have primary and secondary then
> change the primary to AD integrated first and then switch the others over
> to AD integrated after the primary the is switched. With AD integrated
> you get a more secure dns infrastructure.
>
> --
> Paul Bergson
> MVP - Directory Services
> MCTS, MCT, MCSE, MCSA, Security+, BS CSci
> 2008, 2003, 2000 (Early Achiever), NT4
> Microsoft's Thrive IT Pro of the Month - June 2009
>
> http://www.pbbergs.com
>
> Please no e-mails, any questions should be posted in the NewsGroup This
> posting is provided "AS IS" with no warranties, and confers no rights.
>
> "Meinolf Weber [MVP-DS]" <meiweb@(nospam)gmx.de> wrote in message
> news:6cb2911db1308cc4c4396fa14b4@msnews.microsoft.com...
>> Hello MrC,
>>
>> I see nothing against it. We use it always this way. One advantage is,
>> that if all DCs are also DNS servers replication goes automatically to
>> all of them during normal replication interval. And changing to AD
>> integrated zones is really easy.
>>
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers no rights.
>> ** Please do NOT email, only reply to Newsgroups
>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>
>>> We have an old setup with 3 AD Windows2003 DC servers. Each has non
>>> integrated dns that loads from file.
>>> The previous admin said it was a leftover from the old NT days and he
>>> never
>>> bothered to change to AD integrated because "it works now" Is there
>>> a good
>>> reason to not go AD integrated? is it worth the time? will I need
>>> to
>>> remove all current DNS and start over? Just planning my time for
>>> next
>>> year...
>>> Thanks
>>>
>>> Carlo D
>>>
>>
>>
>
>
Re: Re do DNS Possible [message #345707 is a reply to message #345663] Wed, 16 December 2009 09:37 Go to previous messageGo to next message
Eric Westfall  is currently offline Eric Westfall
Messages: 6
Registered: December 2009
Junior Member
You can follow this Microsoft article on converting DNS Primary Servers to
Active Directory Integrated servers.

http://support.microsoft.com/kb/816101

Once you've converted the primary, you can validate the new naming contexts
(e.g. DomainDNSZones, ForestDNSZones) are being replicated properly by using
the repadmin /showrepl command before reconfiguring the secondaries.

---
Eric Westfall

"MrC" wrote:

> Update..sorry not clear.. 1 primary 2 secondary.
>
> "Paul Bergson [MVP-DS]" <pbbergs@no_spammsn.com> wrote in message
> news:uAlQfNlfKHA.1112@TK2MSFTNGP04.phx.gbl...
> > If you have three primary dns servers (Sounds like from your description)
> > then you need to immediately correct this. You should have one primary
> > and the rest secondary. If you already have primary and secondary then
> > change the primary to AD integrated first and then switch the others over
> > to AD integrated after the primary the is switched. With AD integrated
> > you get a more secure dns infrastructure.
> >
> > --
> > Paul Bergson
> > MVP - Directory Services
> > MCTS, MCT, MCSE, MCSA, Security+, BS CSci
> > 2008, 2003, 2000 (Early Achiever), NT4
> > Microsoft's Thrive IT Pro of the Month - June 2009
> >
> > http://www.pbbergs.com
> >
> > Please no e-mails, any questions should be posted in the NewsGroup This
> > posting is provided "AS IS" with no warranties, and confers no rights.
> >
> > "Meinolf Weber [MVP-DS]" <meiweb@(nospam)gmx.de> wrote in message
> > news:6cb2911db1308cc4c4396fa14b4@msnews.microsoft.com...
> >> Hello MrC,
> >>
> >> I see nothing against it. We use it always this way. One advantage is,
> >> that if all DCs are also DNS servers replication goes automatically to
> >> all of them during normal replication interval. And changing to AD
> >> integrated zones is really easy.
> >>
> >> Best regards
> >>
> >> Meinolf Weber
> >> Disclaimer: This posting is provided "AS IS" with no warranties, and
> >> confers no rights.
> >> ** Please do NOT email, only reply to Newsgroups
> >> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
> >>
> >>> We have an old setup with 3 AD Windows2003 DC servers. Each has non
> >>> integrated dns that loads from file.
> >>> The previous admin said it was a leftover from the old NT days and he
> >>> never
> >>> bothered to change to AD integrated because "it works now" Is there
> >>> a good
> >>> reason to not go AD integrated? is it worth the time? will I need
> >>> to
> >>> remove all current DNS and start over? Just planning my time for
> >>> next
> >>> year...
> >>> Thanks
> >>>
> >>> Carlo D
> >>>
> >>
> >>
> >
> >
>
>
> .
>
Re: Re do DNS Possible [message #346434 is a reply to message #345663] Thu, 17 December 2009 06:13 Go to previous message
pbbergs  is currently offline pbbergs  United States
Messages: 1024
Registered: July 2009
Senior Member
I would follow the link provided by Eric. It is exactly what you need.

--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
Microsoft's Thrive IT Pro of the Month - June 2009

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup This
posting is provided "AS IS" with no warranties, and confers no rights.

"MrC" <nf@no.com> wrote in message
news:OfIfEUmfKHA.5228@TK2MSFTNGP06.phx.gbl...
> Update..sorry not clear.. 1 primary 2 secondary.
>
> "Paul Bergson [MVP-DS]" <pbbergs@no_spammsn.com> wrote in message
> news:uAlQfNlfKHA.1112@TK2MSFTNGP04.phx.gbl...
>> If you have three primary dns servers (Sounds like from your description)
>> then you need to immediately correct this. You should have one primary
>> and the rest secondary. If you already have primary and secondary then
>> change the primary to AD integrated first and then switch the others over
>> to AD integrated after the primary the is switched. With AD integrated
>> you get a more secure dns infrastructure.
>>
>> --
>> Paul Bergson
>> MVP - Directory Services
>> MCTS, MCT, MCSE, MCSA, Security+, BS CSci
>> 2008, 2003, 2000 (Early Achiever), NT4
>> Microsoft's Thrive IT Pro of the Month - June 2009
>>
>> http://www.pbbergs.com
>>
>> Please no e-mails, any questions should be posted in the NewsGroup This
>> posting is provided "AS IS" with no warranties, and confers no rights.
>>
>> "Meinolf Weber [MVP-DS]" <meiweb@(nospam)gmx.de> wrote in message
>> news:6cb2911db1308cc4c4396fa14b4@msnews.microsoft.com...
>>> Hello MrC,
>>>
>>> I see nothing against it. We use it always this way. One advantage is,
>>> that if all DCs are also DNS servers replication goes automatically to
>>> all of them during normal replication interval. And changing to AD
>>> integrated zones is really easy.
>>>
>>> Best regards
>>>
>>> Meinolf Weber
>>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>>> confers no rights.
>>> ** Please do NOT email, only reply to Newsgroups
>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>>
>>>> We have an old setup with 3 AD Windows2003 DC servers. Each has non
>>>> integrated dns that loads from file.
>>>> The previous admin said it was a leftover from the old NT days and he
>>>> never
>>>> bothered to change to AD integrated because "it works now" Is there
>>>> a good
>>>> reason to not go AD integrated? is it worth the time? will I need
>>>> to
>>>> remove all current DNS and start over? Just planning my time for
>>>> next
>>>> year...
>>>> Thanks
>>>>
>>>> Carlo D
>>>>
>>>
>>>
>>
>>
>
>
Previous Topic:PDC time services how to resynch?
Next Topic:DC Reboot Causes Outlook Timeouts
Goto Forum:
  


Current Time: Tue Jan 16 10:36:19 MST 2018

Total time taken to generate the page: 0.05706 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software