December 16, 2008 at 2:56 am
K. Brian Kelley (12/15/2008)
True. On start-up it likely will, but after that it should keep its own time. We've had that problem.
this is only true for MS VS2005, under VMware ESX if the vmware tools are set to host then that is where the VM will get its time from, period. If using this config you'd need to ensure the hosts are configured properly for NTP to a reliable source. There are many reports of people who have fell foul to this (had this ourselves although not with DC's) and its just a gotcha to be aware of.
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs" 😉
December 16, 2008 at 5:39 am
Greetings,
ok, I am proceeding to the installation of a second DNS on DC2.
Will it hurt if I delete the 2 NS entries that seem useless?
Also, what do I do with the DNS server service running on the exchange server?
Thank you
P.S.: I really should have taken more attention on those things when I studied for my MCSE 2000.......
MBA
MCSE, MCDBA, MCSD, MCITP, IBM DB2 Expert, I-Net+, CIW
Proud member of the NRA
-Anti-gun laws prevent law abiding citizens to buy guns and defend themselves against bad guys who do not care about the law and get their gun illegally.
- Democracy is 2 wolves and one sheep talking about their next dinner. Freedom is 2 wolves and one armed sheep with a .357 magnum talking about their next dinner.
December 16, 2008 at 7:14 am
Check the primary DNS zone on DC1, this is the zone that matches your FQDN of your domain. Right mouse click and on the general tab you will see it mention what type of zone (primary or secondary) should be primary and also the replication scope, for 2003 DNS I recommend you choose all DNS servers in the forest .....
You should also check to see if scavenging is enabled, this setting for the zone is on the general tab and is a button called aging. Check to make sure you have it enabled for the zone. Then you need to check the DNS server properties and the advanced tab, scavenging should be enabled as well.
You should remove the NS records for non-existant servers, after installing DNS on DC2 you should olny have two NS records, DC1 and DC2
December 16, 2008 at 8:36 am
Sean,
I did everything you asked and there is one thing.
Change zone replication scope is currently set on to all domain controllers in the active directory domain.
(It is the 3rd option button)
Do you mean that I need to change that to all DNS servers in the active directory forest?
Thank you
MBA
MCSE, MCDBA, MCSD, MCITP, IBM DB2 Expert, I-Net+, CIW
Proud member of the NRA
-Anti-gun laws prevent law abiding citizens to buy guns and defend themselves against bad guys who do not care about the law and get their gun illegally.
- Democracy is 2 wolves and one sheep talking about their next dinner. Freedom is 2 wolves and one armed sheep with a .357 magnum talking about their next dinner.
December 16, 2008 at 9:11 am
Yes That would be my recommendation. Once you have done that you can use NSLOOKUP to verify DNS is properly returning lookups on DC2. Google NSLOOKUP to get the commands to change the target server and run queries.
With DNS and GC on DC2 you should be set for an outage on DC1, as long as all member servers and clients point to DC2 for secondardy DNS
December 16, 2008 at 9:45 am
Perry Whittle (12/16/2008)
K. Brian Kelley (12/15/2008)
True. On start-up it likely will, but after that it should keep its own time. We've had that problem.
this is only true for MS VS2005, under VMware ESX if the vmware tools are set to host then that is where the VM will get its time from, period. If using this config you'd need to ensure the hosts are configured properly for NTP to a reliable source. There are many reports of people who have fell foul to this (had this ourselves although not with DC's) and its just a gotcha to be aware of.
Yeah, we've dealt with this on ESX. Older versions don't have a time daemon, either, though you could always install one. That's why one of our procedures on ESX servers was to always make sure the host had the right time before bringing any VMs on-line.
K. Brian Kelley
@kbriankelley
December 16, 2008 at 9:48 am
As Sean has indicated, your initial priority is to get DNS up on the second DC, get the zones in-synch and make sure that all works. Step 2 would be to get DHCP updated to include both DNS servers. Once that's done, proceed with clean-up.
Delete the NS records that are invalid.
Keep the MX record. You need that.
Determine why there is a DNS server on the Exchange server. If it's not needed, de-install it when you get an opportunity.
K. Brian Kelley
@kbriankelley
December 16, 2008 at 10:32 am
Greetings,
Seconday DNs installed and running on DC1.
I updated the forward lookup zone by adding DC2.
I checked all the reverse lookup zones and DC2 was listed in properties/servers.
Do I need to do something else to test?
Also, to add the secondary to DHCP, is it as simple as that:
1 - Open DHCP
2 - Right click server options
3 - General tab,add DC2
Do I need to do anything else so the clients, next time they log will be configured with the secondary DNS?
Guys, I want to say thank you again with your help. It is VERY greatly appreciated.
Thank you
MBA
MCSE, MCDBA, MCSD, MCITP, IBM DB2 Expert, I-Net+, CIW
Proud member of the NRA
-Anti-gun laws prevent law abiding citizens to buy guns and defend themselves against bad guys who do not care about the law and get their gun illegally.
- Democracy is 2 wolves and one sheep talking about their next dinner. Freedom is 2 wolves and one armed sheep with a .357 magnum talking about their next dinner.
December 16, 2008 at 11:11 am
kestak (12/16/2008)
Greetings,Seconday DNs installed and running on DC1.
I updated the forward lookup zone by adding DC2.
I checked all the reverse lookup zones and DC2 was listed in properties/servers.
Do I need to do something else to test?
Also, to add the secondary to DHCP, is it as simple as that:
1 - Open DHCP
2 - Right click server options
3 - General tab,add DC2
Do I need to do anything else so the clients, next time they log will be configured with the secondary DNS?
Guys, I want to say thank you again with your help. It is VERY greatly appreciated.
Thank you
Yes, the clients should pick up the settings the next time thety renew. DHCP clients should attempt to automatically renew the IP at 1/2 the lease time. You can always force a renew by ipconfig /renew from the command line of a client. This is a good way to verify that you've got the settings correct.
K. Brian Kelley
@kbriankelley
December 16, 2008 at 11:58 am
Greetings,
I am testing the DNS. When I type
c:\>nslookup
>server DC1 IP address here
>set type=ALL
>yourdnszone.net
It works fine.
But when
c:\>nslookup
>server DC2 IP address here
>set type=ALL
>yourdnszone.net
It times out... Did I miss something?
Thank you
MBA
MCSE, MCDBA, MCSD, MCITP, IBM DB2 Expert, I-Net+, CIW
Proud member of the NRA
-Anti-gun laws prevent law abiding citizens to buy guns and defend themselves against bad guys who do not care about the law and get their gun illegally.
- Democracy is 2 wolves and one sheep talking about their next dinner. Freedom is 2 wolves and one armed sheep with a .357 magnum talking about their next dinner.
December 16, 2008 at 12:15 pm
Do you see the zone on the second DNS server when you use the DNS interface?
K. Brian Kelley
@kbriankelley
December 16, 2008 at 12:22 pm
Greetings,
yes, I do. DC2 is like a mirror of DC1.
Thank you
MBA
MCSE, MCDBA, MCSD, MCITP, IBM DB2 Expert, I-Net+, CIW
Proud member of the NRA
-Anti-gun laws prevent law abiding citizens to buy guns and defend themselves against bad guys who do not care about the law and get their gun illegally.
- Democracy is 2 wolves and one sheep talking about their next dinner. Freedom is 2 wolves and one armed sheep with a .357 magnum talking about their next dinner.
December 16, 2008 at 12:25 pm
If you run the nslookup from the DC2 box itself, do you get the same result (timeout)?
K. Brian Kelley
@kbriankelley
December 16, 2008 at 12:38 pm
Greetings,
no timeout at all. I am getting the same thing than on DC1
By the way, I did not reboot and when I try to do ipconfig/renew on any server I am getting:
"The operation failed as no adapter is in the state permissible for
this operation."
Thank you
MBA
MCSE, MCDBA, MCSD, MCITP, IBM DB2 Expert, I-Net+, CIW
Proud member of the NRA
-Anti-gun laws prevent law abiding citizens to buy guns and defend themselves against bad guys who do not care about the law and get their gun illegally.
- Democracy is 2 wolves and one sheep talking about their next dinner. Freedom is 2 wolves and one armed sheep with a .357 magnum talking about their next dinner.
December 16, 2008 at 1:31 pm
kestak (12/16/2008)
Greetings,no timeout at all. I am getting the same thing than on DC1
By the way, I did not reboot and when I try to do ipconfig/renew on any server I am getting:
"The operation failed as no adapter is in the state permissible for
this operation."
Thank you
Do an ipconfig /all and see if DHCP enabled is set to No. If it is, that means you have a static IP.
K. Brian Kelley
@kbriankelley
Viewing 15 posts - 16 through 30 (of 45 total)
You must be logged in to reply to this topic. Login to reply