Quick Question (probably a Long Answer)

Discussion in 'Networks' started by Nelix, Feb 10, 2004.

  1. Nelix
    Honorary Member

    Nelix Gigabyte Poster

    1,416
    3
    82
    I have DNS running on my DC and have just set up an ISA server that also runs DNS. How do I get them to replicate?
     
    Certifications: A+, 70-210, 70-290, 70-291, 74-409, 70-410, 70-411, 70-337, 70-347
    WIP: 70-346
  2. Phil
    Honorary Member

    Phil Gigabyte Poster

    1,680
    7
    87
    Is the ISA server in Active Directory? If so, and the DC's zone is AD integrated, then just right-click on Forward Lookup Zones under the server name in the DNS MMC and select New Zone, select AD integrated and follow the wizard.
     
    Certifications: MCSE:M & S MCSA:M CCNA CNA
    WIP: 2003 Upgrade, CCNA Upgrade
  3. dreec

    dreec Nibble Poster

    59
    0
    19
    If the ISA server is running DNS then I am guessing that the ISA server is configured as a DC in the existing domain. If so, then as Phil said, configure a new zone on ISA and select AD Integrated, specify the same DNS name as on the DNS server and let AD replication take the strain.

    If it is a separate DNS namespace then on both, select new zone, configure as Secondary zones, specify the name of the OTHER DNS namespace, then let DNS replicate between itself.

    If the latter then configure DHCP or static to give primary and secondary DNS IP addresses, then if one falls over at least you have FT for a default of one day.


    Hope this helps!

    Any more info required just ask.
     
    Certifications: Too many to list here, too few to matter
    WIP: None
  4. Nelix
    Honorary Member

    Nelix Gigabyte Poster

    OK, this is a new area for me so you will have to spell it out.

    Here are a few more details on my setup.

    My server is a DC running AD, DHCP, and DNS. Everything works fine.

    I have set up my ISA Server and have installed DNS on it and set up the forward and reverse lookup zones. The internal NIC points to the server as its primary DNS server and itself as its alternative; the external NIC points to the server as its primary DNS and a DNS server belonging to my ISP as its alternative.

    The forward lookup zone on the ISA doesn't seem to have any entries in it at all, not even the 4 folders: _msdcs, _sites, _tcp, _udp. It does, however, have 2 entries, namely State of authority and nameserver.

    Hope that helps to resolve the matter of replicating DNS.


    I tried the above on the info from the above post on the ISA server (right-click on forward lookup zone) but it would not let me select Active Directory integrated. On the server, when I right-click on forward lookup zone I can select Active Directory integrated but it does not seem to add anything to the ISA's DNS. Also, what name do I use after selecting AD integrated?
     
    Certifications: A+, 70-210, 70-290, 70-291, 74-409, 70-410, 70-411, 70-337, 70-347
    WIP: 70-346
  5. Phil
    Honorary Member

    Phil Gigabyte Poster

    Ah, the ISA server will also need to be a DC to get AD data replicated to it, sorry forgot to mention that. If you don't want to make it a DC you can just create a secondary zone to the DC, all updates will be done on the DC then replicated to the ISA server as a read only copy. To do this

    right click on forward lookup zones and select new zone...
    in the wizard select secondary
    set the domain it is going to hold a copy of to the same as is on the DC
    tell it the ip address of the DC to pull the replicated data from
    off the top of my head I can't think of any other major steps to it but I think that covers the important stuff on the ISA server

    On the DC you need to make sure the ISA server is allowed to replicate the data from it by right-clicking on the server name in the DNS MMC and selecting Properties. On one of the tabs you can enter the IP addresses of servers which are allowed to pull data from it; just enter the ISA Server's internal NIC address.
     
    Certifications: MCSE:M & S MCSA:M CCNA CNA
    WIP: 2003 Upgrade, CCNA Upgrade
  6. Nelix
    Honorary Member

    Nelix Gigabyte Poster

    Well I have done all that but I am still getting the Error messages.
     
    Certifications: A+, 70-210, 70-290, 70-291, 74-409, 70-410, 70-411, 70-337, 70-347
    WIP: 70-346
  7. dreec

    dreec Nibble Poster

    Second what Phil says. Yep, I too did not realise ISA was not a DC.


    Just another quick point: on your DC (not ISA) just check to see if you have the "." zone. If you have, you will need to delete this as this is the root zone. If you cannot resolve names from within your own DNS namespace then the ISA DNS will NOT contact your secondary (ISP) as it will receive a negative response from root.

    As Phil mentioned on DC DNS, select the "only to the following servers" choice in relation to Zone Transfers and add IP address of ISA DNS. The default with AD Integrated Zones is "Any server".

    Any more info, then just shout!
     
    Certifications: Too many to list here, too few to matter
    WIP: None
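
A check for the zone-transfer restriction described in the posts above, added here as an example and not part of any post: run from a machine that is not on the DC's allowed list, it requests a full zone transfer (AXFR) and reports whether the server hands the zone over. The address 192.0.2.10 and the zone name example.local are placeholders, and the sample replies are constructed.

```python
import socket
import struct

AXFR, IN, REFUSED = 252, 1, 5  # QTYPE AXFR, class IN, RCODE REFUSED

def build_axfr_query(zone, txid=0x1234):
    """Return a TCP-framed (2-byte length prefix) AXFR query for `zone`."""
    header = struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0)  # one question
    qname = b"".join(bytes([len(l)]) + l.encode("ascii")
                     for l in zone.rstrip(".").split(".")) + b"\x00"
    msg = header + qname + struct.pack("!HH", AXFR, IN)
    return struct.pack("!H", len(msg)) + msg

def classify_response(framed):
    """Read the DNS header of the first framed reply and classify it."""
    if len(framed) < 14:                      # no complete header received
        return "inconclusive"
    _txid, flags, _qd, ancount = struct.unpack("!HHHH", framed[2:10])
    rcode = flags & 0x000F
    if rcode == 0 and ancount > 0:            # NOERROR with records: zone is handed out
        return "transfer-allowed"
    if rcode == REFUSED:
        return "refused"
    return "inconclusive"

def check_zone_transfer(server_ip, zone, timeout=5.0):
    """Request the zone over TCP/53. Run from a host that is NOT on the allow list."""
    data = b""
    try:
        with socket.create_connection((server_ip, 53), timeout=timeout) as s:
            s.sendall(build_axfr_query(zone))
            while len(data) < 14:
                chunk = s.recv(4096)
                if not chunk:
                    break
                data += chunk
    except OSError:                           # reset, timeout or unreachable
        pass
    return classify_response(data)

# Constructed reply headers (record sections omitted), for offline demonstration.
SAMPLE_REFUSED = struct.pack("!HHHHHHH", 12, 0x1234, 0x8005, 0, 0, 0, 0)
SAMPLE_ALLOWED = struct.pack("!HHHHHHH", 12, 0x1234, 0x8400, 1, 1, 0, 0)

if __name__ == "__main__":
    print(classify_response(SAMPLE_REFUSED))
    print(classify_response(SAMPLE_ALLOWED))
    # Against a real server (placeholder address and zone name):
    # print(check_zone_transfer("192.0.2.10", "example.local"))
```

A result of "transfer-allowed" from a host other than the ISA server means the zone is still set to "Any server" rather than "only to the following servers".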
  8. Nelix
    Honorary Member

    Nelix Gigabyte Poster

    I'm going to have to put this on hold as my server fell over last night and doesn't seem to want to do much at the moment. Thanks for all your help and advice; once I get back onto this project I am sure this thread will be resurrected.

    Thanks Again folks
     
    Certifications: A+, 70-210, 70-290, 70-291, 74-409, 70-410, 70-411, 70-337, 70-347
    WIP: 70-346
