cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

DNS order in Active Directory Server

%3CLINGO-SUB%20id%3D%22lingo-sub-2016557%22%20slang%3D%22en-US%22%3EDNS%20order%20in%20Active%20Directory%20Server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2016557%22%20slang%3D%22en-US%22%3E%3CP%3EWe%20have%206%20server%20active%20directory%3C%2FP%3E%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%20-%203%20server%20in%20DC%20%3A%20DC1%2CDC2%2CDC3%3C%2FP%3E%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%20-%203%20server%20in%20DR%20%3A%20DR1%2CDR2%2CDR3%3C%2FP%3E%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%20-%20ALL%20server%20the%20same%20site%20in%20active%20directory%20(Default%20first%20Site)%3C%2FP%3E%3CP%3E%26nbsp%3B%26nbsp%3B%20-%20DC1%20%3A%20hold%20FSMO%20(5%20role)%3C%2FP%3E%3CP%3EDNS%20client%20order%20of%20active%20directory%20as%20below%3C%2FP%3E%3CP%3EDC1%3C%2FP%3E%3CP%3EPrimary%20%3A%20DC2%3C%2FP%3E%3CP%3ESecond%20%3A%20DC3%2CDR1%2CDR2%2CDR3%2C127.0.0.1%3C%2FP%3E%3CP%3EDC2%3C%2FP%3E%3CP%3EPrimary%20%3A%20DC1%3C%2FP%3E%3CP%3ESecond%20%3A%20DC3%2CDR1%2CDR2%2CDR3%2C127.0.0.1%3C%2FP%3E%3CP%3EDC3%3C%2FP%3E%3CP%3EPrimary%20%3A%20DC1%3C%2FP%3E%3CP%3ESecond%20%3A%20DC2%2CDR1%2CDR2%2CDR3%2C127.0.0.1%3C%2FP%3E%3CP%3EDR1%3C%2FP%3E%3CP%3EPrimary%20%3A%20DC1%3C%2FP%3E%3CP%3ESecond%20%3A%20DC2%2CDC3%2CDR2%2CDR3%2C127.0.0.1%3C%2FP%3E%3CP%3EDR2%3C%2FP%3E%3CP%3EPrimary%20%3A%20DC1%3C%2FP%3E%3CP%3ESecond%20%3A%20DC2%2CDC3%2CDR1%2CDR3%2C127.0.0.1%3C%2FP%3E%3CP%3EDR3%3C%2FP%3E%3CP%3EPrimary%20%3A%20DC1%3C%2FP%3E%3CP%3ESecond%20%3A%20DC2%2CDC3%2CDR1%2CDR2%2C127.0.0.1%3C%2FP%3E%3CP%3E-%20should%20point%20dns%20to%20primary%20DC%20%3F%20if%20after%20change%20FSMO%20sang%20another%20server%20(example%20DR1)%20then%20need%20change%20primary%20to%20DR1%20%3F%3C%2FP%3E%3CP%3E-%20please%20suggest%20help%20me%20about%20dns%20client%20should%20set%20how%20for%20best%20practice%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2016557%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EActive%20Directory%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EWindows%20Server%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2016795%22%20slang%3D%22en-US%22%3ERe%3A%20DNS%20order%20in%20Active%20Directory%20Server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2016795%22%20slang%3D%22en-US%22%3E%3CP%3EYou%20can%20follow%20along%20here.%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Ftroubleshoot%2Fwindows-server%2Fnetworking%2Fbest-practices-for-dns-client-settings%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EBest%20practices%20for%20DNS%20client%20settings%20-%20Windows%20Server%20%7C%20Microsoft%20Docs%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2021664%22%20slang%3D%22en-US%22%3ERe%3A%20DNS%20order%20in%20Active%20Directory%20Server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2021664%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F234118%22%20target%3D%22_blank%22%3E%40Tien%20Ngo%20Thanh%3C%2FA%3ESo%20should%20all%20dc%20point%20to%20Primary%20%3A%20DC1%20%3F%20because%20it%20hold%20FSMO%20.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2021768%22%20slang%3D%22en-US%22%3ERe%3A%20DNS%20order%20in%20Active%20Directory%20Server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2021768%22%20slang%3D%22en-US%22%3E%3CP%3EIf%20they're%20all%20in%20the%20same%20site%20it%20really%20doesn't%20matter.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Tien Ngo Thanh
Regular Contributor

‎Dec 27 2020 03:30 AM

‎Dec 27 2020 03:30 AM

DNS order in Active Directory Server

We have 6 server active directory

    - 3 server in DC : DC1,DC2,DC3

    - 3 server in DR : DR1,DR2,DR3

    - ALL server the same site in active directory (Default first Site)

   - DC1 : hold FSMO (5 role)

DNS client order of active directory as below

DC1

Primary : DC2

Second : DC3,DR1,DR2,DR3,127.0.0.1

DC2

Primary : DC1

Second : DC3,DR1,DR2,DR3,127.0.0.1

DC3

Primary : DC1

Second : DC2,DR1,DR2,DR3,127.0.0.1

DR1

Primary : DC1

Second : DC2,DC3,DR2,DR3,127.0.0.1

DR2

Primary : DC1

Second : DC2,DC3,DR1,DR3,127.0.0.1

DR3

Primary : DC1

Second : DC2,DC3,DR1,DR2,127.0.0.1

- should point dns to primary DC ? if after change FSMO sang another server (example DR1) then need change primary to DR1 ?

- please suggest help me about dns client should set how for best practice

 

564 Views
1 Like
11 Replies
Reply
11 Replies
Dave Patrick

‎Dec 27 2020 07:36 AM

‎Dec 27 2020 07:36 AM

Re: DNS order in Active Directory Server

You can follow along here.

Best practices for DNS client settings - Windows Server | Microsoft Docs

 

 

 

0 Likes
Reply
Tien Ngo Thanh

‎Dec 29 2020 04:42 PM

‎Dec 29 2020 04:42 PM

Re: DNS order in Active Directory Server

@Tien Ngo ThanhSo should all dc point to Primary : DC1 ? because it hold FSMO .

0 Likes
Reply
Dave Patrick

‎Dec 29 2020 07:55 PM

‎Dec 29 2020 07:55 PM

Re: DNS order in Active Directory Server

If they're all in the same site it really doesn't matter.

 

 

 

0 Likes
Reply
Tien Ngo Thanh

‎Dec 30 2020 07:16 AM

‎Dec 30 2020 07:16 AM

Re: DNS order in Active Directory Server

@Dave PatrickIf change FSMO to another server then need change dns client point to this server hold FSMO ? and what's happen if DC1 failure then all server point dns first to DC1 has problem ?

0 Likes
Reply
Dave Patrick

‎Dec 30 2020 07:26 AM - edited ‎Dec 30 2020 08:00 AM

‎Dec 30 2020 07:26 AM - edited ‎Dec 30 2020 08:00 AM

Re: DNS order in Active Directory Server


If change FSMO to another server then need change dns client point to this server hold FSMO ? 

No, this is not necessary. Intrasite DNS replication occurs within 15 seconds, 15 minutes max.

 

and what's happen if DC1 failure then all server point dns first to DC1 has problem ?

If the FSMO role holder fails then you can seize roles to another healthy one

Transfer or seize FSMO roles - Windows Server | Microsoft Docs

 

then perform cleanup

https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/deploy/ad-ds-metadata-cleanup

https://techcommunity.microsoft.com/t5/itops-talk-blog/step-by-step-manually-removing-a-domain-contr...

then rebuild the failed one.

 

 

 

 

0 Likes
Reply
Tien Ngo Thanh

‎Jan 06 2021 03:54 AM

‎Jan 06 2021 03:54 AM

Re: DNS order in Active Directory Server

I still worry about DNS Client in active directory . Link two way https://docs.microsoft.com/en-us/troubleshoot/windows-server/networking/best-practices-for-dns-clien...
Method 1 : prefer DNS 127.0.0.1 alter all dns remain
Method 2 : prefer DNS primary dc fsmo alter all dns remain and last 127.0.0.1
So best how
0 Likes
Reply
Dave Patrick

‎Jan 06 2021 05:32 AM

‎Jan 06 2021 05:32 AM

Re: DNS order in Active Directory Server

Not sure what the worry is. Whether a domain controller holds FSMO roles or not has no effect on DNS services.

 

 

 

0 Likes
Reply
Tien Ngo Thanh

‎Jan 07 2021 04:37 AM

‎Jan 07 2021 04:37 AM

Re: DNS order in Active Directory Server

@Dave Patrickbest way is method 2 ? current i use method 1 but some time notify replicate response slow

0 Likes
Reply
Dave Patrick

‎Jan 07 2021 06:06 AM

‎Jan 07 2021 06:06 AM

Re: DNS order in Active Directory Server

The better option is to list one or two from local site plus the loopback (127.0.0.1)

 

 

 

0 Likes
Reply
Tien Ngo Thanh

‎Jan 08 2021 03:18 AM

‎Jan 08 2021 03:18 AM

Re: DNS order in Active Directory Server

@Dave Patricksorry i not clear is prefer point to dc1 or dc2 and alter dc2,dc3,dc4,..127.0.0.1 ? another server prefer dc3 (balance server? ) and alter dc2,dc5,dc4,..127.0.0.1 ?

0 Likes
Reply
Dave Patrick

‎Jan 08 2021 06:53 AM

‎Jan 08 2021 06:53 AM

Re: DNS order in Active Directory Server

I'd suggest following the guidance here.

Best practices for DNS client settings - Windows Server | Microsoft Docs

 

 

 

0 Likes
Reply