Server 2003 DNS Primary and Secondary Issue

By john.p
I am running a Server 2003 Standard domain. I have two AD servers and both of these servers also have the DNS server service installed, configured, and running.

One DC is set up as AD Integrated primary DNS server. The other DC is set up as secondary DNS server and looks to the primary. Zone transfers, updates, and name resolution work perfectly across the board... until I reboot the primary DNS server.

If I install a security update or a patch that requires the DC acting as the primary DNS server to be rebooted, everything breaks.

The secondary DNS server will not find the primary, fails, and then becomes the primary DNS server. Once the original primary finishes rebooting it attempts to continue its role as primary and users are unable to log in; users that were already logged in cannot resolve DNS names in the LAN or over the internet.

The only resolution I have that works is to **** away both DNS servers DNS service and rebuild it from scratch. I re-build the primary as AD integrated, re-build the secondary as secondary, and they work exactly as expected... until the primary requires a reboot or is taken offline again.

I have no idea why this is happening. I thought the reason for a secondary DNS server was for redundancy. If the primary is offline the secondary takes over so there is no issue as far as the end user is concerned until the primary lives once more.

Any ideas?! I'm desperate for help.

Just a question

by Kjell_Andorsen In reply to Server 2003 DNS Primary a ...

Is there a specific reason why you don't set the Zone as AD integrated on the second server? One of the benefits of doing AD integrated zones is to get away from the typical Primary/Secondary setup.

Answer to the question

by john.p In reply to Just a question

I thought that was wrong. I had it set up that way originally but thought having two primary DNS servers would cause a problem.

I take it from your question that having multiple AD integrated primary DNS servers on the same domain doing the same name translation is not just okay but it is the preferred method...?

The point to an AD integrated Secondary Zone

by Dumphrey In reply to Answer to the question

is basically as a read-only zone for a remote site, or as a forwarding zone in another domain. Places where you do not want clients to be able to make changes.
In terms of AD integrated, it really doesn't matter which server services the client. All servers should be synched and contain the same data.
"I take it from your question that having multiple AD integrated primary DNS servers on the same domain doing the same name translation is not just okay but it is the preferred method...?"
Yup, because if one goes down, the other just keeps on going in full force. And any new data is replicated to the other when it comes back on-line.

Thanks!

by john.p In reply to The point to an AD integr ...

Thank you both very much for the clarification!
