GC & DNS ISSUE

Discussion in 'DNS Server' started by mastermind, Apr 24, 2007.

  1. mastermind

    mastermind Guest

    Hi,
    I have 2 Windows 2003 Servers with ONE running DNS, i am thinking of putting
    a second DNS internally to handle requests if the first goes offline or gets
    rebooted, can i just install a second DNS server on one of the other servers
    and configure them both to replicate info between them, then give all my
    clients both dns server address's.
    Are there any performance issues in doing this, is there anything i need to
    be aware of before i start this if i can indeed do it ?

    Also I hav made GC to my other DC.
    To TEST i Have shut down my main DC .so that my additonal DC shld take
    charge .

    But eas not able to my DOMAIN using my add. DC
    Alo I am getting error that : Active directory unable to find GC. "

    wHY I AM GETTING THIS ERROR.

    HOW TO RESOLVE MY ISSUE.
     
    mastermind, Apr 24, 2007
    #1
    1. Advertisements

  2. mastermind

    Myweb Guest

    Hello mastermind,

    Just to become clear:
    - both 2003 are DC
    - one of them is DNS/GC
    - the other is only GC

    your thoughts are ok for a second DNS. Is the first DNS Active Directory
    integrated? If not make it, then it will replicate over AD to other DNS server,
    no additional configuration is needed.
    If you install DNS to the second DC make sure that the server points only
    to the first DNS server. After installation it take time for replication
    (min.15 minutes) so give it time.

    If the second server is also DNS server, the error you get, should disappear.
    The DC/GC has NO DNS in the moment, but minimum one DNS is also needed for
    the domain to run. And if you shut down your first DNS for testing no DNS
    is available.

    Also take care that the clients get also the second DNS server address for
    their NIC settings.

    Best regards

    Myweb
    Disclaimer: This posting is provided "AS IS" with no warranties, and confers
    no rights.
     
    Myweb, Apr 24, 2007
    #2
    1. Advertisements

  3. Hi,
    When the first server is offline you need to change your AD clients to use
    the second DNS server as the "preferred" DNS server.

    hth
    DDS
     
    Danny Sanders, Apr 24, 2007
    #3
  4. mastermind

    Herb Martin Guest


    Let's recommend he do it slightly differently: Set all of the DNS clients,
    including the DCs, to use BOTH of the the DNC-DCs so that when
    one is down the fail over is automatic.
     
    Herb Martin, Apr 24, 2007
    #4
  5. Let's recommend he do it slightly differently: Set all of the DNS
    Have you actually gotten this to work? Because I haven't.

    I was hoping it would work this way but I haven't had any luck getting it to
    work that way.
    Not on a Win 2k domain or a Win 2k3 domain w/ Win 2k Sp 4 and XP SP 2
    clients.

    What's the secret?

    TIA
     
    Danny Sanders, Apr 24, 2007
    #5
  6. mastermind

    Jeremy Guest

    It should work so long as the primary DNS server is completely offline. Is
    DNS is running but not responding with the right info it wont fail over to
    the secondary.
     
    Jeremy, Apr 25, 2007
    #6
  7. mastermind

    mastermind Guest

    Hi My Web

    My Both server are DC
    mY Root DC was GC as well as PRIMARY DNS server.
    For backup & fail over senario i have made my add. DC as dns server for for
    my client it have to DNS.

    For the testing perpose i shut down my root dc to verify that my client
    still able to login using my add. dc with secondry DNS.
    bUT Login was unsussessfull. I got error in event viewr that

    ""Active Directory was unable to establish a connection with the global
    catalog. ""

    So that I made my add. DC as GC but still it didnt work.I got same error on
    my event
    viewer.

    Tell me how i can i configure fail over senario.
    Let me know where did wrong...
    why it is not working...

    Regards
    Mastermind
     
    mastermind, Apr 25, 2007
    #7
  8. mastermind

    Herb Martin Guest

    Of course -- this is the normal way that most everyone does it.

    Unless of course we have somehow miscommunicated and you are
    talking about something else.

    Each of the internal DNS servers SHOULD be in the DNC Client
    properties as Preferred with Alternate(s) until you have 2-5 or
    so at least.

    All DNS servers listed must however return the EXACT SAME
    set of answers. You cannot have one server return some zones and
    expect another server to return others.
    What's you problem when you try it?
     
    Herb Martin, Apr 25, 2007
    #8
  9. mastermind

    Herb Martin Guest

    All DNS Server used by the clients must return all of the correct answers
    the
    clients will ever legitimately need.
     
    Herb Martin, Apr 25, 2007
    #9
  10. Read inline please.

    In
    nslookup gc.msdcs.<forestrootdomain> should return the IP addresses of
    Global Catalogs, does it?

    nslookup -qtype=srv _gc._tcp.<ForestRootDomain> should return Global Catalog
    names in the forest, does it?


    --
    Best regards,
    Kevin D. Goodknecht Sr. [MVP]
    Hope This Helps
    Send IM: http://www.icq.com/people/webmsg.php?to=296095728
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    http://support.wftx.us/
    http://message.wftx.us/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
     
    Kevin D. Goodknecht Sr. [MVP], Apr 25, 2007
    #10
  11. I'm talking about just the 1 AD integrated DNS zone. Each DNS server listed
    on the client are participating in the AD integrated DNS.

    Take the "preferred" DNS server down and the client does not seem to roll
    over to the "alternate".

    Put the alternate as preferred on the client and things work as expected.
    I've tested with Win 2k SP 4 servers and Win 2k and XP clients and Win 2k3
    servers with Win 2k and XP clients, the "roll over" never seems to happen.

    DDS
     
    Danny Sanders, Apr 25, 2007
    #11
  12. mastermind

    Herb Martin Guest

    No of zones is irrelevant -- clients are using a DNS server (set) to find
    all zones.

    Participating is NOT even DIRECTLY required. All that is required is
    that every DNS server listed (as preferred OR alternate) be able to
    resolve every name the users will ever need.
     
    Herb Martin, Apr 25, 2007
    #12
  13. No of zones is irrelevant -- clients are using a DNS server (set) to find
    I only said 1 zone to indicate there were no stub zones or anything fancy.
    Just the AD integrated DNS zone for the domain.
    I said it was participating in the AD integrated zone as a way to indicate
    that it has the same zone information as the preferred DNS server. It
    *should* be able to resolve the same information as the preferred.

    Just say it's a flat domain, 2 AD integrated DNS servers been replicating
    with each other for a year with no errors. Take the preferred DNS server off
    line and the client does not "roll over" to use the alternate DNS server in
    my experience.


    DDS
     
    Danny Sanders, Apr 25, 2007
    #13
  14. mastermind

    Herb Martin Guest

    Still doesn't matter.
    Sure it will. Happens all the time -- were this not the case then
    people would be complaining all of the time and also there would
    be no reason for the multiple DNS servers on the client config.

    You have some other problem in there someplace.
     
    Herb Martin, Apr 25, 2007
    #14
  15. mastermind

    Jeremy Guest

    I'm not sure what your comment means. My understanding is that a DNS client
    wont query the secondary if it doesn't get the info it need from an online
    primary. It will only query the secondary if the primary doesn't respond.
     
    Jeremy, Apr 25, 2007
    #15
  16. mastermind

    Herb Martin Guest

    DNS Clients have no concept of "Primary" or "Secondary" for
    resolution -- they use one DNS server as "Preferred" and others
    as Alternate(s).

    That is true -- I have been saying that all along explicitly.

    It is INCORRECT to configure a DNS Client with multiple DNS
    servers which don't return the SAME information, that is, which
    cannot resolve EVERY request the DNS Client will ever legimately
    make.
     
    Herb Martin, Apr 25, 2007
    #16
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.