RE: [ActiveDir] AD DNS Question
AD Integrated zones can only be primary zones. Change the zone to be a primary zone and then you will be able to convert it to AD Integrated -Original Message- From: Puetz, Christoph [mailto:[EMAIL PROTECTED] Sent: Thursday, June 17, 2004 6:39 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] AD DNS Question Thanks for the response. I do not see an option to convert the secondary zone to an AD integrated one. Can you specify the steps needed? Christoph -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Wednesday, June 16, 2004 6:30 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] AD DNS Question Install the DNS server (DNS serverS, for redundancy). Create your zone as secondary on the new DNS server(S), specify your existing DNS server as the Primary Let zone Transfer happen. Convert the secondary zone you created earlier to Primary (AD-Integrated, for good measure) Configure the "Test" clients/servers (AND the DNS servers) to point to your new DNS server(S) in TCP/IP - you can do this by script or use GPO for XP/Win2K3 clients The above should work, but. it would be best if the time between your Test and going live is very short. Short enough for you to see that it really works, and then begin moving everyone to the same DNS servers. If you this your test period will be long, it's better for you to just do this proof-of-concept in a Lab environment. This is because, during your test, using the config I outlined above, you will have 2 distinct places where your clients will be registering and looking for records. This will likely impact resolution. Since your new DNS servers are authoritative for the zone, they will not ask your legacy DNS servers for any records in that zone. The same will be true for your legacy DNS servers. Remember, you don't have to point the DNS clients to the DNS servers manually, it can be easily done via scripts or GPO, so the roll-back consideration that will usually necessitate "test" configuration sould not be significant. Sincerely, Dèjì Akómöláfé, MCSE MCSA MCP+I Microsoft MVP - Directory Services www.readymaids.com - we know IT www.akomolafe.com Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: [EMAIL PROTECTED] on behalf of Puetz, Christoph Sent: Wed 6/16/2004 2:34 PM To: '[EMAIL PROTECTED]' Subject: [ActiveDir] AD DNS Question Our AD (Win2K - mixed) mode is 3rd party DNS and WINS and it is giving us headaches all over the place. When the AD got designed Microsoft DNS was not considered an option by the engineer who made the original design. I'd like to change this. My plan is to install Microsoft's DNS on our Domain Controllers and to setup an Active Directory integrated DNS zone so that we get rid of the always ongoing problems caused by using non-Microsoft DNS in our environment. I want to set the existing DNS servers as forwarders so that all other requests are basically still being served by the 3rd party DNS. About the implementation - I want to migrate a small group of users first for testing. Will installing DNS and setting up an AD integrated zone cause any conflicts to the remaining part of my network? Only a few clients will get the different DNS server IPs assigned - everyone else stays on the other ones. Thanks for any feedback. Christoph __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] AD DNS Question
Thanks for the response. I do not see an option to convert the secondary zone to an AD integrated one. Can you specify the steps needed? Christoph -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Wednesday, June 16, 2004 6:30 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] AD DNS Question Install the DNS server (DNS serverS, for redundancy). Create your zone as secondary on the new DNS server(S), specify your existing DNS server as the Primary Let zone Transfer happen. Convert the secondary zone you created earlier to Primary (AD-Integrated, for good measure) Configure the "Test" clients/servers (AND the DNS servers) to point to your new DNS server(S) in TCP/IP - you can do this by script or use GPO for XP/Win2K3 clients The above should work, but. it would be best if the time between your Test and going live is very short. Short enough for you to see that it really works, and then begin moving everyone to the same DNS servers. If you this your test period will be long, it's better for you to just do this proof-of-concept in a Lab environment. This is because, during your test, using the config I outlined above, you will have 2 distinct places where your clients will be registering and looking for records. This will likely impact resolution. Since your new DNS servers are authoritative for the zone, they will not ask your legacy DNS servers for any records in that zone. The same will be true for your legacy DNS servers. Remember, you don't have to point the DNS clients to the DNS servers manually, it can be easily done via scripts or GPO, so the roll-back consideration that will usually necessitate "test" configuration sould not be significant. Sincerely, Dèjì Akómöláfé, MCSE MCSA MCP+I Microsoft MVP - Directory Services www.readymaids.com - we know IT www.akomolafe.com Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: [EMAIL PROTECTED] on behalf of Puetz, Christoph Sent: Wed 6/16/2004 2:34 PM To: '[EMAIL PROTECTED]' Subject: [ActiveDir] AD DNS Question Our AD (Win2K - mixed) mode is 3rd party DNS and WINS and it is giving us headaches all over the place. When the AD got designed Microsoft DNS was not considered an option by the engineer who made the original design. I'd like to change this. My plan is to install Microsoft's DNS on our Domain Controllers and to setup an Active Directory integrated DNS zone so that we get rid of the always ongoing problems caused by using non-Microsoft DNS in our environment. I want to set the existing DNS servers as forwarders so that all other requests are basically still being served by the 3rd party DNS. About the implementation - I want to migrate a small group of users first for testing. Will installing DNS and setting up an AD integrated zone cause any conflicts to the remaining part of my network? Only a few clients will get the different DNS server IPs assigned - everyone else stays on the other ones. Thanks for any feedback. Christoph __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] AD DNS Question
Hi, Installating a Microsoft DNS will not effect your network. you can Install and configure DNS at any time through the Confiure your server through the administrative tools. Forget about any conflict, but stiil if you are not confident then you can configure the Srandard primary DNS first, testt it for couple of days and later on you can configure the Standard primary DNS to Active Directory Integrated DNS. For any other query please let me know , I will be glad to assist you. Manjeet"Puetz, Christoph" <[EMAIL PROTECTED]> wrote: Our AD (Win2K - mixed) mode is 3rd party DNS and WINS and it is giving us headaches all over the place. When the AD got designed Microsoft DNS was not considered an option by the engineer who made the original design. I'd like to change this. My plan is to install Microsoft's DNS on our Domain Controllers and to setup an Active Directory integrated DNS zone so that we get rid of the always ongoing problems caused by using non-Microsoft DNS in our environment. I want to set the existing DNS servers as forwarders so that all other requests are basically still being served by the 3rd party DNS. About the implementation - I want to migrate a small group of users first for testing. Will installing DNS and setting up an AD integrated zone cause any conflicts to the remaining part of my network? Only a few clients will get the different DNS server IPs assigned - everyone else stays on the other ones. Thanks for any feedback. Christoph__This email has been scanned by the MessageLabs Email Security System.For more information please visit http://www.messagelabs.com/email __ Do you Yahoo!? Yahoo! Mail - You care about security. So do we.
RE: [ActiveDir] AD DNS Question
Install the DNS server (DNS serverS, for redundancy). Create your zone as secondary on the new DNS server(S), specify your existing DNS server as the Primary Let zone Transfer happen. Convert the secondary zone you created earlier to Primary (AD-Integrated, for good measure) Configure the "Test" clients/servers (AND the DNS servers) to point to your new DNS server(S) in TCP/IP - you can do this by script or use GPO for XP/Win2K3 clients The above should work, but. it would be best if the time between your Test and going live is very short. Short enough for you to see that it really works, and then begin moving everyone to the same DNS servers. If you this your test period will be long, it's better for you to just do this proof-of-concept in a Lab environment. This is because, during your test, using the config I outlined above, you will have 2 distinct places where your clients will be registering and looking for records. This will likely impact resolution. Since your new DNS servers are authoritative for the zone, they will not ask your legacy DNS servers for any records in that zone. The same will be true for your legacy DNS servers. Remember, you don't have to point the DNS clients to the DNS servers manually, it can be easily done via scripts or GPO, so the roll-back consideration that will usually necessitate "test" configuration sould not be significant. Sincerely, Dèjì Akómöláfé, MCSE MCSA MCP+I Microsoft MVP - Directory Services www.readymaids.com - we know IT www.akomolafe.com Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: [EMAIL PROTECTED] on behalf of Puetz, Christoph Sent: Wed 6/16/2004 2:34 PM To: '[EMAIL PROTECTED]' Subject: [ActiveDir] AD DNS Question Our AD (Win2K - mixed) mode is 3rd party DNS and WINS and it is giving us headaches all over the place. When the AD got designed Microsoft DNS was not considered an option by the engineer who made the original design. I'd like to change this. My plan is to install Microsoft's DNS on our Domain Controllers and to setup an Active Directory integrated DNS zone so that we get rid of the always ongoing problems caused by using non-Microsoft DNS in our environment. I want to set the existing DNS servers as forwarders so that all other requests are basically still being served by the 3rd party DNS. About the implementation - I want to migrate a small group of users first for testing. Will installing DNS and setting up an AD integrated zone cause any conflicts to the remaining part of my network? Only a few clients will get the different DNS server IPs assigned - everyone else stays on the other ones. Thanks for any feedback. Christoph __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/