Forum Discussion

Iron Contributor

Dec 27, 2020

DNS order in Active Directory Server

We have 6 server active directory - 3 server in DC : DC1,DC2,DC3 - 3 server in DR : DR1,DR2,DR3 - ALL server the same site in active directory (Default first Site) - DC1 : hold FSM...

Active Directory

Iron Contributor

Dec 30, 2020

Tien Ngo ThanhSo should all dc point to Primary : DC1 ? because it hold FSMO .

MVP

Dec 30, 2020

If they're all in the same site it really doesn't matter.

Tien Ngo Thanh
Iron Contributor
Dec 30, 2020
Dave PatrickIf change FSMO to another server then need change dns client point to this server hold FSMO ? and what's happen if DC1 failure then all server point dns first to DC1 has problem ?
- Dave Patrick
  MVP
  Dec 30, 2020
  
  If change FSMO to another server then need change dns client point to this server hold FSMO ?
  
  No, this is not necessary. Intrasite DNS replication occurs within 15 seconds, 15 minutes max.
  
  and what's happen if DC1 failure then all server point dns first to DC1 has problem ?
  
  If the FSMO role holder fails then you can seize roles to another healthy one
  
  Transfer or seize FSMO roles - Windows Server | Microsoft Docs
  
  then perform cleanup
  
  https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/deploy/ad-ds-metadata-cleanup
  
  https://techcommunity.microsoft.com/t5/itops-talk-blog/step-by-step-manually-removing-a-domain-controller-server/ba-p/280564
  
  then rebuild the failed one.
  - Tien Ngo Thanh
    Iron Contributor
    Jan 06, 2021
    I still worry about DNS Client in active directory . Link two way https://docs.microsoft.com/en-us/troubleshoot/windows-server/networking/best-practices-for-dns-client-settings
    Method 1 : prefer DNS 127.0.0.1 alter all dns remain
    Method 2 : prefer DNS primary dc fsmo alter all dns remain and last 127.0.0.1
    So best how

Resources