-1

If I introduce a member Windows 2000 server into my domain (not a DC, just a member) and set up that new server to be a DNS server as a Primary (not secondary or AD integrated), does the Domain Controller Master (forest root in this case) send a copy of its zones to that Primary I just turned on? My primary is empty since it is brand new. I also don't want my DNS erased by my empty Primary :), if that's a possibility.

Thanks.

edit: Ok. I'm trying to get rid of it! :). My DC/Forest root has a 3GB hard drive. That drive is full, and to upgrade my AD, I'm thinking the adprep forest prep for 2k3 will need more than 100MB (I may have less). So, I've built a "transition" server. It has Windows 2000 on it. And, it has a 40GB hard drive. I will transfer all the roles to the interim server and then upgrade to 2003. At that point I have a Dell R310 with 2008 R2. I will then get the roles on that machine, upgrade AD, demote the interim. Don't ask. I inherited it. It's the only thing I know to do. I can't blow up or hose up anything in the process.

johnny
  • Did you create a new Primary zone for the same domain name as your AD domain? – Mathias R. Jessen May 30 '13 at 21:09
  • 3
    Windows 2000??!? – TheCleaner May 30 '13 at 21:14
  • 2
    Why are you introducing a new server into your environment that has a 15 year old OS on it that hasn't had patches released in years? – MDMarra May 30 '13 at 21:16
  • 1
    Hey have you heard of this new SCM called git? And this new configuration management tool called Puppet?? This new ZFS filesystem looks promising doesn't it? 2005 is definitely shaping up to be a fascinating year in technology! – Joel E Salas May 30 '13 at 21:20
  • see edit and you'll know why. – johnny May 30 '13 at 22:54
  • @MDMarra Yes. I am. – johnny May 30 '13 at 22:55
  • 1
    ADPrep usually only requires about double the space of the AD database. AD databases are usually *very* small. Look at `ntds.dit`, multiply by two, and that's how much space you need. Unless you have a huge domain, it's probably only going to be a few dozen MB. Deleting temp files, patch caches, and even compressing the HDD should free up more than enough space. – MDMarra May 30 '13 at 22:59
  • This thing is slap full but I will look. – johnny May 30 '13 at 23:55

2 Answers

5

The answer to your question is "no." Domain Controllers won't do anything to a primary zone on another server and that primary zone will not do anything to the ADI zones on your DC either.

MDMarra
  • How do I get my DNS records on that new primary so it can be used for DNS? I don't want it to be the forest root yet, but eventually will, and eventually be AD integrated. I need to get those DNS records on my new primary and leave the old root intact, then promote the new server to a DC. Thanks for help. – johnny May 30 '13 at 22:53
  • You're doing it wrong. First of all, don't do this on Windows 2000 Server. Second of all, those records are in ADI zones, so you should just make this server into a Domain Controller and the records will automatically populate. Then, when you're ready, decommission the current server. All of this sounds like an awful idea, though. The OS is 15 years old, you clearly don't have much Active Directory experience, and what you're proposing doesn't even make sense, since your terminology is so jumbled. Seriously, hire a consultant to assist and get a newer version of Windows Server. – MDMarra May 30 '13 at 22:56
  • 1
    Also, there's no such thing as "primary" or "Domain Controller Master" as it relates to Domain Controllers. This makes it difficult to understand what exactly it is that you have or want to get to and betrays your lack of AD experience. I'm not trying to be mean, but really, get some help. – MDMarra May 30 '13 at 23:03
  • Primary is a DNS term. DC is the domain controller. The forest root holds our AD integrated DNS. – johnny May 30 '13 at 23:54
  • @johnny Right, but you keep misusing them. Like saying: `"...will eventually be a DC and then later the root"` That doesn't make any sense. A forest root is a *domain* not a server. And no one calls a server hosting a primary zone a "Primary" server. I'm not trying to argue terminology with you, but from what I can tell, you don't have a fundamental understanding of how AD works. – MDMarra May 30 '13 at 23:57
  • a forest root in the context of my question is most definitely a forest root domain controller. – johnny May 31 '13 at 14:54
  • A forest root is not a domain controller. It is a **domain**. You can add a domain controller to a forest root, but it does not magically become *the* forest root somehow. It simply offers directory services for the domain which is at the root of the forest. – MDMarra May 31 '13 at 14:59
  • I believe you and do appreciate help. I was getting my terminology from places like this http://technet.microsoft.com/en-us/library/cc739460(v=ws.10).aspx – johnny May 31 '13 at 15:15
  • Right, that document describes domain controllers that are in a forest root domain. You keep referring to *the* root, as if it's a singular server with a special role. It's not. If a server is a DC, then there's no additional step to make it `"later the root"` as you've said. It's either a DC in the forest root domain, or it's a DC in a child domain. You don't make a server into a DC and then later do something to make it at "root" (which isn't a real thing). Does your forest structure even have multiple child domains in it? – MDMarra May 31 '13 at 15:28
  • No. One domain. I am just going to promote my member server to a DC. It will configure the DNS for me on the new DC from the First DC in the Forest, which is what I meant by the Forest Root Domain Controller. – johnny May 31 '13 at 15:32
  • If you only have one domain, then **every** domain controller is in the forest root, and is thus a forest root domain controller. When you have one domain, that domain is the forest root domain. Everything in your domain is in the forest root. It's not a special distinction that only one DC gets. – MDMarra May 31 '13 at 15:33
1

The distribution of an AD-integrated zone is controlled by the replication scope of the directory partition in Active Directory that stores the zone. For forest-wide replicated DNS zones that would mean all Domain Controllers in the forest. Thus, you won't have any information "overwritten" on the member server.

When you create a new primary zone from scratch, only the server you created it on will be listed as a Name Server for that zone. Since Zone Transfers are only allowed to name servers for a given zone, you can't possibly overwrite another DNS server's zone data unless that DNS server is a Name Server for the zone and requests a zone transfer.

So, no.

Mathias R. Jessen
  • I do not understand. How do I get the DNS records into my new primary server that will eventually be a DC and then later the root? – johnny May 30 '13 at 22:54
  • 2
    These are pretty basic properties of AD and DNS. I think you need to go back and review some of the introduction documentation or, preferably, hire someone to educate you on these matters. TechNet has a lot of Introduction articles including [Introduction to Active Directory](http://technet.microsoft.com/en-us/library/cc758535(v=ws.10).aspx). – Mathias R. Jessen May 31 '13 at 13:58
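
Mathias R. Jessen's answer turns on two properties of zone transfers: the receiving server has to request the transfer, and the zone's server decides whether that requester is allowed. The following is an added example, not code from any poster in this thread, that builds the AXFR request a secondary would send and classifies the first reply, so you can confirm from a host that is not a listed name server that your DNS server denies the transfer. The zone name `corp.example` and the helper names are assumptions for illustration, and the sample replies are constructed, not captured traffic.

```python
import socket
import struct

AXFR, IN = 252, 1  # QTYPE AXFR (RFC 5936), QCLASS IN
RCODES = {0: "NOERROR", 2: "SERVFAIL", 5: "REFUSED", 9: "NOTAUTH"}

def build_axfr_query(zone, txid=0x1234):
    """TCP-framed AXFR query: the requesting server always initiates the pull."""
    header = struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0)  # one question, no flags
    labels = zone.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    msg = header + qname + struct.pack("!HH", AXFR, IN)
    return struct.pack("!H", len(msg)) + msg  # 2-byte length prefix (DNS over TCP)

def classify_reply(framed):
    """Return (allowed, rcode_name, answer_count) for the first reply message."""
    if len(framed) < 14:
        return (False, "NO_REPLY", 0)  # server closed the connection without answering
    _txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", framed[2:14])
    rcode = flags & 0x000F
    return (rcode == 0 and an > 0, RCODES.get(rcode, "RCODE%d" % rcode), an)

def request_transfer(server, zone, timeout=5.0):
    """Ask `server` for `zone` as a secondary would; run from a host NOT in the NS list."""
    buf = b""
    with socket.create_connection((server, 53), timeout=timeout) as s:
        s.sendall(build_axfr_query(zone))
        try:
            while len(buf) < 14:  # the header of the first message is enough
                chunk = s.recv(512)
                if not chunk:
                    break
                buf += chunk
        except OSError:
            pass  # a reset connection is treated as "no reply"
    return classify_reply(buf)

def sample_reply(zone, flags, ancount):
    """Constructed header-only reply (not captured traffic) for offline checks."""
    q = build_axfr_query(zone)[2:]
    msg = q[:2] + struct.pack("!HHH", flags, 1, ancount) + q[8:]
    return struct.pack("!H", len(msg)) + msg

if __name__ == "__main__":
    zone = "corp.example"  # placeholder zone name (assumption)
    print(classify_reply(sample_reply(zone, 0x8005, 0)))  # QR + REFUSED
    print(classify_reply(sample_reply(zone, 0x8400, 3)))  # QR + AA, records returned
```

A result of `(True, "NOERROR", n)` from `request_transfer` on a host that is not a name server for the zone means transfers are open more widely than the name-server list.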