Why is the secondary interface address on our AD DCs in our domain’s primary DNS zone

Tags: active-directory, domain-controller, domain-name-system

We have 2 hardware interfaces on our Active Directory Domain Controllers. The secondary interface should never be listed in our domain's DNS zone, but it is. This is problematic because most machines on the network do not have access to the secondary subnet that the DCs are on.

For example, our primary subnet is 10.10.10.0, the secondary network is 192.168.0.0. When clients on the primary network query our AD DNS servers for the DC address, they often get 192.168.0.15 as a result. Clients aren't on that subnet, so everything breaks.

I've tried every combination of advanced DNS settings on the secondary interface on both machines, and yet the secondary IP always ends up being published in the domain DNS zone. I've unchecked "register this connection's address in DNS" with no success. I've left that checked and set a different DNS suffix for the connection (for a different, working zone) along with checking the "Use this connection's DNS suffix in DNS registration" box, to no avail. Of course, I always delete the incorrect DNS listing before trying these settings.

Any ideas would be appreciated!

Best Answer

More than one network adapter is not recommended on domain controllers.

Routers should do routing, not domain controllers :)

Although there are workarounds, I think all of them only cause more trouble when you forget about them later and want to revert.

Useful links:

or just Google-search for multihomed domain controllers. You will always get the same answer: not recommended / causing trouble / but possible.
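For anyone who has to live with the second NIC for a while, here is an added example (not part of the question or the accepted answer) that first checks why the secondary address keeps coming back and then applies the usual workaround. The zone name `corp.example`, the host addresses `10.10.10.15` / `192.168.0.15` and the interface alias `Ethernet 2` are assumptions; only the two subnets come from the question. It uses the DnsServer and DnsClient PowerShell modules plus `dnscmd`, run elevated on each DC.

```powershell
# Added example, not part of the original question or answer.
# Run elevated on each DC. Assumptions (not given on the page):
#   - the AD zone is "corp.example"
#   - the primary NIC address is 10.10.10.15, the secondary is 192.168.0.15
#     (subnets from the question; the host parts are assumed)
#   - the secondary interface is called "Ethernet 2"
# Requires the DnsServer and DnsClient modules that ship with the DNS role.

$ZoneName      = 'corp.example'
$PrimaryIP     = '10.10.10.15'
$SecondaryIP   = '192.168.0.15'
$SecondaryNic  = 'Ethernet 2'
$PrimaryPrefix = '10.10.10.'

# --- Check: what is registering the secondary address? ----------------------

# The "Register this connection's addresses in DNS" checkbox only controls the
# DNS *client* on that NIC. On a DC that also runs the DNS Server role, the DNS
# Server service registers a host A record for every address it listens on,
# so the checkbox alone cannot keep the secondary IP out of the zone.
Write-Host "DNS Server service listen addresses:"
dnscmd /Info ListenAddresses

# Every A record in the zone that points outside the primary subnet.
Write-Host "A records outside $PrimaryPrefix*:"
Get-DnsServerResourceRecord -ZoneName $ZoneName -RRType A |
    Where-Object { $_.RecordData.IPv4Address.IPAddressToString -notlike "$PrimaryPrefix*" } |
    Format-Table HostName, Timestamp, @{Name = 'IPv4'; Expression = { $_.RecordData.IPv4Address }}

# --- Workaround (the kind the answer warns about; document it if you use it) --

# 1. Make the DNS Server service listen on, and publish, only the primary IP.
#    PublishAddresses (REG_SZ, space-separated list) limits which addresses
#    the service writes into its own records.
dnscmd /ResetListenAddresses $PrimaryIP
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\DNS\Parameters' `
    -Name PublishAddresses -Value $PrimaryIP -Type String

# 2. Keep the DNS client on the secondary NIC out of the zone entirely:
#    no registration, and no DNS servers configured on that interface.
Set-DnsClient -InterfaceAlias $SecondaryNic -RegisterThisConnectionsAddress $false
Set-DnsClientServerAddress -InterfaceAlias $SecondaryNic -ResetServerAddresses

# 3. Remove the stale records that already exist (the DC host record and the
#    domain-apex "@" record clients use to find a DC), then force re-registration.
foreach ($name in @($env:COMPUTERNAME, '@')) {
    Get-DnsServerResourceRecord -ZoneName $ZoneName -RRType A -Name $name -ErrorAction SilentlyContinue |
        Where-Object { $_.RecordData.IPv4Address.IPAddressToString -eq $SecondaryIP } |
        Remove-DnsServerResourceRecord -ZoneName $ZoneName -Force
}
Restart-Service DNS
ipconfig /registerdns      # DNS client re-registers the primary NIC
nltest /dsregdns           # Netlogon re-registers the DC locator records
```

Run the check part first on both DCs; if `dnscmd /Info ListenAddresses` shows the service bound to all addresses, that is why deleting the record never sticks. The workaround has to be applied on every DC and remembered: when the second NIC is eventually removed, reset the listen address and delete `PublishAddresses` again, otherwise you get the "forgot about it later" problem the answer describes.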