Question for everyone,
Now I know this is a pretty in-depth question, but here it goes. I was running NT 4.0 servers for the longest time, but am finally migrating off to W2K servers running in an Active Directory environment. This move is for the data replication services more than anything, but I am still learning W2K. My primary DNS is my domain controller and my secondary DNS is my backup domain controller. I am running Microsoft's DNS server and first want to make sure that redundancy for the DNS is set up correctly. Does anyone out there know of a TechNet article or anything from Microsoft or other source on setting this up?
If you go with Active Directory Integrated DNS you'll gain the following advantages:
* Secure DNS updates (handled by Active Directory Replication)
* Ability to change DNS entries at ANY AD Integrated DNS server (not just the primary)
* Ability to change DNS entries even when the "primary" is down (since DNS is in AD, any AD DNS DC can initiate changes.)
You can also still include other DNS servers (i.e., Unix, NT4) that will act as secondaries (read-only copies), but distribution to these servers is by conventional means, not AD replication.
Here are some MS links:
http://www.microsoft.com/windows2000/techinfo/reskit/en-us/default.asp?url=/WINDOWS2000/techinfo/reskit/en-us/distrib/dsbb_act_zyjb.asp
http://support.microsoft.com/support/kb/articles/Q198/4/37.ASP
http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/columns/profwin/dnsplan1.asp
http://support.microsoft.com/support/kb/articles/Q227/8/44.ASP
http://www.microsoft.com/WINDOWS2000/techinfo/reskit/deploymentscenarios/scenarios/dhcp02_config_dns_secdynupdate.asp
If you search Microsoft's site on ACTIVE DIRECTORY INTEGRATED DNS you'll get a ton of hits.
Also, DNS aside, make sure you're comfortable with migrating the PDC to Win2000 and have considered how you want things to work (i.e., things like name space [domain name] can't be redone without a complete re-install of Active Directory, so you want to get it right the first time.) If you have some spare PCs lying around, I would recommend setting up a small lab and doing the migration there first. You could also use one of these PCs to build a BDC in your live network, then pull it and put it in your lab (completely disconnected from the live network) and promote it to PDC and perform your Windows 2000 migration.
My second question is that my primary mail server is named "Mail" and my secondary mail server is "Mail2". These reside in the same active directory as the rest of my servers. Now my DNS records are:
xyz.com MX mail.xyz.com (10)
xyz.com MX mail2.xyz.com (20)
I believe that if my primary mail server is down, it will forward all messages to the secondary with this config. The thing that is getting me is how do I make sure that users can send and receive mail if our primary server is down? Do they need to set up a second account in their mail client, or is there an easier way to accomplish this? Also, is there a way for the primary and secondary server to communicate with each other on getting the messages synced up with each other?
All this does for you is allow you to store email destined for "mail" on "mail2" while "mail" is unavailable. Instead of foreign mail senders getting an error message from their mail server that mail couldn't be sent to you, it gets sent to "mail2" and sits there. When "mail" comes back up, "mail2" will forward the stored mail to it. If "mail" was going to be down for a very long time, you could have people change their mail clients to "mail2" (or change your DNS), but there would be a lot of issues, including setting up and sync'ing mailboxes and passwords, which would probably be pretty complex to deal with.
Good luck,
John Brozycki
I know this is asking for a lot of information and would like to say thank you in advance, and if anyone can answer this question for me and comes to the St. Louis area, I will buy them lunch.
Thanks,
Bill
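
The MX fallback described in the reply above, as an added example that is not part of the original thread: a simplified Python model (no real SMTP or DNS) of a sender walking the two MX records and of "mail2" holding mail until "mail" returns. The function and class names are hypothetical, and the rule that a backup only relays to lower-preference hosts comes from RFC 974, not from the thread.

```python
# Added example: simplified model of MX fallback (no real SMTP or DNS).
# Constructed records mirroring the two MX entries quoted in the thread.
MX_RECORDS = [(20, "mail2.xyz.com"), (10, "mail.xyz.com")]


def delivery_order(mx_records):
    """Hosts in the order a sending server tries them: lowest preference first."""
    return [host for _, host in sorted(mx_records)]


def relay_targets(mx_records, me):
    """Hosts that MX host `me` may forward to: only those with a lower
    preference number than its own (RFC 974), which prevents mail loops."""
    my_pref = min(p for p, h in mx_records if h == me)
    return [h for p, h in sorted(mx_records) if p < my_pref]


class BackupMX:
    """Hypothetical store-and-forward host such as mail2: holds mail, no mailboxes."""

    def __init__(self, name, mx_records):
        self.name, self.mx, self.queue = name, mx_records, []

    def flush(self, reachable, mailboxes):
        """Forward queued mail to the first reachable lower-preference host."""
        for host in relay_targets(self.mx, self.name):
            if host in reachable:
                mailboxes.setdefault(host, []).extend(self.queue)
                self.queue = []
                return host
        return None  # primary still down: keep holding the mail


def send(msg, mx_records, reachable, mailboxes, backup):
    """Deliver msg the way an outside sender would; return the accepting host."""
    for host in delivery_order(mx_records):
        if host not in reachable:
            continue
        if host == backup.name:
            backup.queue.append(msg)  # stored, not readable by users
        else:
            mailboxes.setdefault(host, []).append(msg)
        return host
    return None  # nothing reachable: the sender's own server queues and retries
```

While only mail2 is reachable, the message sits in its queue and no mailbox receives it, which is why users cannot read new mail from the backup without the extra mailbox and password setup the reply mentions.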
