
Interesting that you mention the only one Global Catalog—I actually got some guidance from Microsoft on that and it turns out their recommended configuration is either: only 1 global catalog (which screws your Exchange if you have that DC offline); or (and this is interesting) ALL domain controllers with the GC role. Apparently it's a supported configuration and, as of 2008R2, the recommended one. We also run our controllers with loopback as their DNS address on their NICs, also at Microsoft's recommendation.

----
Jack Kramer
Manager of Information Technology
Communications and Brand Strategy
Michigan State University
w: 517-884-1231 / c: 248-635-4955

From: Tim Heckaman <[log in to unmask]>
Date: Tuesday, October 2, 2012 11:33 AM
To: University Relations <[log in to unmask]>, "[log in to unmask]" <[log in to unmask]>
Subject: RE: [MSUNAG] DNS Help

Jack,

I’ve actually gotten a few different opinions on this. I had it set as the loopback address then I was told to just use the actual IP and not the loopback IP.
My current setup has the main DNS being the IP of my primary DC. The 2nd DNS is my second DC that is running DNS. My second DC was running as a Global Catalog but I was informed I should only run 1 DC with that so I just recently disabled it on my 2nd DC. I know it’s clear as mud.

Thanks for all the help in getting this fixed, I’m still a bit confused but learning a lot.

From: Kramer, Jack [mailto:[log in to unmask]]
Sent: Tuesday, October 02, 2012 11:24 AM
To: Tim Heckaman; [log in to unmask]
Subject: Re: [MSUNAG] DNS Help

Wait—not sure if I'm understanding you correctly, but you're configuring the DNS settings on your domain controllers, right? Those should always be localhost for primary DNS (127.0.0.1) with no secondary DNS. Domain controllers use their own hosted DNS server for name resolution and go upstream for zones they don't handle through the DNS service. Replication is handled through Active Directory.

----
Jack Kramer
Manager of Information Technology
Communications and Brand Strategy
Michigan State University
w: 517-884-1231 / c: 248-635-4955

From: Tim Heckaman <[log in to unmask]>
Reply-To: Tim Heckaman <[log in to unmask]>
Date: Friday, September 28, 2012 11:40 AM
To: "[log in to unmask]" <[log in to unmask]>
Subject: [MSUNAG] DNS Help

I’m sure this is an easy answer but it has got me stumped. I’m running 2 DCs with DNS. I have 1 NIC on each machine. In the DNS fields of those NICs I have the primary DC as the first IP to go to to resolve IPs. In the second I’ve tried leaving it empty (obviously not correct) and I’ve tried using the MSU IPs listed in the network values on http://network.msu.edu/netinfo/netvalues.html. When I run a “Scan This Role” I get errors that say “DNS: The DNS server (IP address) on Local Area Connection must resolve Global Catalog resource records for the domain controller” and a slew of other errors. I’m also getting warnings that say “DNS: Root hint server (IP address) must respond to NS queries for the root zone.”

Obviously I’m not a DNS guy but I’ve tried everything I know to do, and a ton of research and I’m no closer to getting this issue resolved. Everyone still has internet access, including my servers but I don’t like having warnings and errors in my logs. If there is a DNS guru out there that would like to help a noob out please let me know.

Thanks
