Hi Guido, Can you share some info on the "Agreed that the process would be slightly differnet for a "live environemnt with many other DNS records data in it". I'm trying to figure out what you mean with this. Regards Jorge
-----Original Message----- From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org; Send - AD mailing list Sent: 4/19/2005 9:25 PM Subject: RE: [ActiveDir] Installing DNS in Child Domain hey Dean - I see you're on a DNS trip today ;-)) 10 posts on this thread by Dean - must be a record... aren't we forgetting that this is a test-environment? I'd just blow away the child's DNS subzone on in the root DC's DNS config and then create a delegation for the child.test.com zone for the child DC. Then create the child.test.com DNS zone on the child DC, point the DC to use itself as a DNS server and then re-register all records on this server (restart netlogon). Agreed that the process would be slightly differnet for a "live" environemnt with many other DNS records data in it. /Guido -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean Wells Sent: Dienstag, 19. April 2005 17:57 To: Send - AD mailing list Subject: RE: [ActiveDir] Installing DNS in Child Domain If only one record exists, you have encountered the known-bug I mentioned earlier. To resolve this issue, temporarily configure the forest root DNS zone to allow both secure and insecure update, on the child DC, ensure its preferred resolver still points to the root DC, run a command shell and enter "ipconfig /registerdns". Return to the root DC and refresh the zone content, you should now see a second A record named after the child DC itself, if so - reset the zone to secure updates. Up until now, your 2 DCs have not been replicating, to accelerate the convergence time, copy and paste the following verbatim in a command shell on each DC (requires Support Tools installed) - 1) ipconfig /flushdns 2) net stop netlogon & net start netlogon 3) for /l %a in (1,1,25) do repadmin /kcc & repadmin /syncall & repadmin /syncall /P NOTE - I DO NOT recommend the use of the 'for in do' loop above in a large enterprise. Run AD Sites and Services and verify that replication is now succeeding. Do you still want to distribute your DNS namespace per your original post? -- Dean Wells MSEtechnology * Email: [EMAIL PROTECTED] http://msetechnology.com -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Manjeet Singh Sent: Tuesday, April 19, 2005 11:22 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Installing DNS in Child Domain Hi, Yes, your summary is absolutely correct. No I did not create any structure manually; all were created automatically during first DC promotion. Now when I see the A host record under child.test.com, there is only one record 'same as parent'. Thanks, Manjeet -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean Wells Sent: Tuesday, April 19, 2005 8:12 PM To: Send - AD mailing list Subject: RE: [ActiveDir] Installing DNS in Child Domain I'm working on the premise that at present all DCs and members resolve against a single DNS server running on the DC in the forest root that was created during the promotion of the very first DC. You've since promoted a new DC and created a child domain named child.test.com. This DC also resolves against the DNS server running on the DC in the root domain. Is that summary accurate? Have you altered the default configuration created by DCpromo in anyway or did you create the current DNS structure manually? Does the A record for the child DC exist, this is a known bug that would cause anything we do from this point (excluding the use of BIND zone files) to fail - - expand the zone on the root DNS server - locate the entry 'child.test'com' - two A (host) records should exist, one named after the DC itself the other, 'same as parent' Once we have this information, the steps to distribute your DNS namespace become relatively simple. -- Dean Wells MSEtechnology * Email: [EMAIL PROTECTED] http://msetechnology.com -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Manjeet Singh Sent: Tuesday, April 19, 2005 10:02 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Installing DNS in Child Domain Hi, I am using windows 2003 standard edition. This might be the requirement when you have distributed domain model. Say Root and child domain are in separate remote location. So reduce the traffic I need to have separate DNS on my child domain controller. So do I configure DNS on preinstall Child domain controller ? Manjeet -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean Wells Sent: Tuesday, April 19, 2005 7:24 PM To: Send - AD mailing list Subject: RE: [ActiveDir] Installing DNS in Child Domain Windows offers no automated solution for this type of restructuring, the premise being that any organization with a need for a more distributed DNS infrastructure needs 1) the technical staffing sufficient to create it and 2) same said staffing to support it. Before making any recommendations as to the direction you should take, can I ask on what version/flavour of Windows you're building this lab environment? -- Dean Wells MSEtechnology * Email: [EMAIL PROTECTED] http://msetechnology.com -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Manjeet Singh Sent: Tuesday, April 19, 2005 9:11 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Installing DNS in Child Domain Hi, I have installed a root domain controller "test.com". Then I have installed a child domain controller: child.test.com" with primary DNS as test.com. So a zone child.test.com automatically added in my test.com DNS. I want to install a separate DNS for child domain, and want to set child as primary DNS and root as secondary DNS. To do that I Installed DNS service on my child domain controller. So what is the best way to install the DNS on child domain? Do I do a ZONE transfer by delegation or some other easy process? Thanks, manjeet List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
