Two domains, one LAN, two DNS servers, 3 problems

Tags: active-directory, dhcp, domain-name-system, windows-server-2003, windows-server-2008

Background:
We have 150 users using AD on domain ABC, Windows 2003.
That server, DC1, has the DNS and DHCP roles, and there is server DC2, which is its live DNS backup. Logs seem healthy.

Then we chose to upgrade to a new server (Windows 2008) while keeping the old one while we transition groups of users to the new domain, called ABCNEW.

We installed a DNS role on the new server, NEW.

We gave both domains a 2-way trust relationship.

This is all on the same LAN (!).
We currently point the new DC's DNS to our non-primary (DR) 2nd backup router.
The primary router T1 data GW is 192.168.1.1, the DR router data GW is 192.168.1.2, both plugged into the same switch; the DR router is also the data line for the DHCP server. We are keeping the T1 data line for servers only.

Issue 1:
I'm having Windows 7 clients logging into domain ABCNEW and their user profiles disappearing; internet access is flaky, and when I give the client PCs a static IP I get weird connection issues.

Issue 2:
On the old domain, Administrator accounts no longer have admin rights; even adding Ent Admin to a user doesn't allow the user admin access. Not sure this is related, but it started happening around the same time.

Issue 3:
Some of the new domain servers (web server, file server) can't access the internet, only the internal LAN, when on a STATIC IP, but when on DHCP they can go online but CANNOT contact the new DNS server.

Questions:
1. Can two DCs in different domains have two separate DNS servers on the same LAN?
2. Can the old DC's DHCP server service the new domain as well? If so, is there a special way of setting this up in the new DC's DNS server settings?

Best Answer

There are a couple of ways that I might configure this.

First way is to add conditional forwarders. In the DNS on the old domain, you'd have a forwarder for the new domain pointing at the new DC/DNS. On the new domain, you'd have a forwarder for the old domain pointing to the old DC/DNS. Your DHCP options would have both the old DC and the new DC as DNS servers.

Second way is to replicate the zones from the new domain to the old DC/DNS as a secondary, and vice-versa. DHCP options would include both servers. This is a little uglier to implement, but does provide a measure of redundancy in the event the sole DNS server for one of the domains is down.

In the interface configuration of Windows computers and servers in an Active Directory domain, it is recommended to only use DNS servers within the Active Directory domain. If you use an external DNS server, such as your ISP or the one provided by your gateway router, you may have lookup failures on the local network because that DNS server does not have the proper entries. Note that Windows may use the secondary server even after the primary server becomes available. Please review support.microsoft.com/kb/320760 for a discussion on server prioritization by the DNS client service.
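The "first way" above (conditional forwarders in both directions plus both DCs in the DHCP DNS option), as an added example that is not part of the answer. It uses `dnscmd` and `netsh`, which exist on both Windows Server 2003 and 2008; the zone names (abc.local, abcnew.local), DC addresses and scope ID are placeholders, not values from the question.

```powershell
# Added example: wire up conditional forwarders between the two domains and
# verify each DC can locate the other domain's domain controllers.
# Placeholder names and addresses (assumptions, not from the question):
$OldDomain = 'abc.local';    $OldDns = '192.168.1.10'   # DC1, old domain ABC
$NewDomain = 'abcnew.local'; $NewDns = '192.168.1.20'   # NEW, new domain ABCNEW
$Scope     = '192.168.1.0'                              # DHCP scope on DC1

# Old DC: anything under abcnew.local is forwarded to the new DC instead of
# falling through to the router/ISP resolver, which knows nothing about it.
dnscmd $OldDns /ZoneAdd $NewDomain /Forwarder $NewDns
# New DC: the reverse, so abc.local names resolve from the new side.
dnscmd $NewDns /ZoneAdd $OldDomain /Forwarder $OldDns

# DHCP option 006 (DNS servers): hand clients both DCs, in order.
netsh dhcp server scope $Scope set optionvalue 006 IPADDRESS $OldDns $NewDns

# Trusts and cross-domain logons depend on the DC locator SRV record.
# A forwarder that resolves it proves the cross-domain path actually works.
function Test-DcLocator {
    param([string]$Domain, [string]$DnsServer)
    $out = nslookup -type=SRV "_ldap._tcp.dc._msdcs.$Domain" $DnsServer 2>&1
    if ($out -match 'svr hostname') {
        "OK:   $DnsServer resolves domain controllers for $Domain"
    } else {
        "FAIL: $DnsServer cannot resolve domain controllers for $Domain`n" +
        ($out -join "`n")
    }
}
Test-DcLocator -Domain $NewDomain -DnsServer $OldDns
Test-DcLocator -Domain $OldDomain -DnsServer $NewDns
```

Run it from an account that is a DNS and DHCP administrator on both servers; a FAIL from either check means that DC is still sending the other domain's queries to the router or ISP.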