Forum Discussion
thanhtien19
Feb 08, 2022 Iron Contributor
Should we use a separate DNS server with Active Directory?
Currently our system is as below: - Clients and servers point DNS to all Active Directory servers - Active Directory forwards DNS to two external DNS servers in the DMZ to resolve external DNS - internal DNS zone cre...
Feb 08, 2022
Normally all clients and servers point to two DNS servers at least, if possible one in their own site and one in a remote site as backup. (Sometimes it doesn't matter, if WAN link is down you probably can't do much anyway). This can be a Domain controller with Active Directory integrated zones and a forwarder for external lookups, in your case to external DMZ servers which forward those requests outside of your network.
Does your environment only have one Domain Controller? If so, then it's a good idea to set up another one (if possible; perhaps it's not possible when you are using Windows SBS, Foundation or Essentials) or use a member server with the DNS server role on it.
thanhtien19
Feb 09, 2022 Iron Contributor
We have five Domain Controller servers, and on every server the primary and secondary DNS are set to the IPs of the remaining AD servers. But I worry that if the primary DNS fails, some servers can be affected. Should we build two standalone DNS servers, so that if the primary fails, changing the secondary DNS to the primary IP is simpler than with AD?
- Feb 09, 2022
  Because the zones are Active Directory integrated? All domain controllers can write to their own copy of the DNS zone; they are all primary, so to speak. If one domain controller fails, the registration continues on the one which you configured as the second DNS server in your network card configuration.
  https://www.windowstechno.com/what-is-ad-integrated-dns/
- thanhtien19
  Feb 09, 2022 Iron Contributor
  Yes, here is my worry: a member server has primary DNS set to AD1 and secondary to AD2. If AD1 is offline, can it affect DNS resolution on the member?
- Feb 09, 2022
  If the member server can't reach AD1 for DNS resolving, and it has AD2 configured as secondary DNS... then it will use AD2 for DNS resolving. If the DNS zone is AD integrated, then AD2 will always have a synced, up-to-date, writeable copy of the DNS zone.
  If you're worried about this, remove the AD1 DNS IP address from the member server so that it only has AD2 as its DNS server. If everything still works, then you know enough 😉
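
A non-disruptive variant of the test suggested in the last reply, as an added example that is not part of the original thread: it queries each DNS server configured on the machine directly for the domain's DC locator SRV record, so a failure on one server cannot be hidden by fallback to another. It assumes a domain-joined Windows machine with the `Resolve-DnsName` and `Get-DnsClientServerAddress` cmdlets (Windows Server 2012 / Windows 8 or later).

```powershell
# Added example: test each configured DNS server on its own, without editing NIC settings.
# Assumption: run on a domain-joined member server; the AD DNS domain is read from WMI.
$domain = (Get-CimInstance -ClassName Win32_ComputerSystem).Domain
$srv    = "_ldap._tcp.dc._msdcs.$domain"   # DC locator record registered by every DC

# All IPv4 DNS servers configured on this machine's interfaces (e.g. AD1, AD2)
$dnsServers = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Select-Object -ExpandProperty ServerAddresses |
    Sort-Object -Unique

$results = foreach ($server in $dnsServers) {
    try {
        # -Server sends the query to this server only, so no fallback can hide a failure
        $answer  = Resolve-DnsName -Name $srv -Type SRV -Server $server -DnsOnly -ErrorAction Stop
        $targets = $answer | Where-Object { $_.Type -eq 'SRV' } |
            Select-Object -ExpandProperty NameTarget | Sort-Object -Unique
        [pscustomobject]@{ Server = $server; Ok = $true;  DCs = ($targets -join ', '); Error = $null }
    }
    catch {
        [pscustomobject]@{ Server = $server; Ok = $false; DCs = ''; Error = $_.Exception.Message }
    }
}

$results | Format-Table -AutoSize -Wrap

# Every server should answer and return the same DC list if the zone is replicated
$failed   = @($results | Where-Object { -not $_.Ok })
$distinct = @($results | Where-Object { $_.Ok } | Select-Object -ExpandProperty DCs -Unique)

if ($failed.Count -gt 0) {
    Write-Warning "No answer from: $($failed.Server -join ', ')"
}
if ($distinct.Count -gt 1) {
    Write-Warning "Configured DNS servers return different DC lists; check AD replication."
}
if ($failed.Count -eq 0 -and $distinct.Count -eq 1) {
    "Each configured DNS server resolves $srv on its own."
}
```

The script only reads configuration and sends DNS queries, so it can be run during production hours on any member server whose DNS settings you want to check.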