Proper Configuration of DNS server for our new branch office

Hi All,
Our new office will set up a new branch office with a routed network link to our HO. In HO, we have 2 domain controllers configured as AD and DNS just for failover scenarios.
How will we configure the DNS server of our 3rd domain controller, which we will place in the new branch office? What would be the proper settings of a DNS server integrated with AD to work well, especially to have successful replication and communication with the 2 DCs located in HO?

Hi,
If you have multiple DCs in that site, I would recommend using any of the partner DCs' IP addresses as the preferred one, with the secondary DNS IP pointing to itself. Don't use loopback addresses; configure it with actual IP addresses.
If you have only one server in the branch office, point it to itself as the primary DNS and to the HO DCs as secondary and tertiary.
Make sure that all clients in your branch site are pointing to the branch DC as primary DNS server.
Regards,
Rafic
This posting is provided "AS IS" with no warranties and confers no rights! Always test ANY suggestion in a test environment before implementing!
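
One way to check a domain controller against the ordering advice in the reply above (an added example, not part of the original thread). The domain name and DC addresses are placeholders, and the script assumes Windows Server 2012 or later, where the `Get-DnsClientServerAddress`, `Get-NetIPAddress` and `Resolve-DnsName` cmdlets are available.

```powershell
# Added example: audit this DC's DNS client order against the advice above.
# The domain name and partner DC addresses are placeholders (assumptions).
param(
    [string]   $DomainName = 'corp.example',
    # Other DCs: head-office DCs for a single-DC branch, or in-site partners.
    [string[]] $PartnerDcs = @('192.0.2.10', '192.0.2.11'),
    [switch]   $MultipleDcsInSite   # set when the local site has more than one DC
)

function Test-DcDnsOrder {
    # Emits one string per deviation from the recommended resolver order.
    param(
        [string[]] $OwnAddresses,
        [string[]] $DnsServers,
        [string[]] $PartnerDcs,
        [bool]     $MultipleDcs
    )
    if ($DnsServers | Where-Object { $_ -like '127.*' -or $_ -eq '::1' }) {
        'Loopback address configured; use the real IP address of the DC instead.'
    }
    $first = $DnsServers[0]
    if ($MultipleDcs) {
        # Several DCs in the site: a partner DC first, this DC as secondary.
        if ($PartnerDcs -notcontains $first) {
            "Preferred DNS $first is not one of the partner DCs."
        }
        if (-not ($DnsServers | Where-Object { $OwnAddresses -contains $_ })) {
            'This DC is not listed as a secondary DNS server.'
        }
    }
    else {
        # Single DC in the branch: itself first, head-office DCs after it.
        if ($OwnAddresses -notcontains $first) {
            "Preferred DNS $first is not this DC's own address."
        }
        foreach ($dc in $PartnerDcs) {
            if ($DnsServers -notcontains $dc) {
                "Head-office DC $dc is missing from the DNS server list."
            }
        }
    }
}

# Real (non-loopback, non-APIPA) IPv4 addresses of this server.
$own = @(Get-NetIPAddress -AddressFamily IPv4 |
    Where-Object { $_.IPAddress -notlike '127.*' -and $_.IPAddress -notlike '169.254.*' } |
    Select-Object -ExpandProperty IPAddress)

# Only interfaces that actually have DNS servers configured.
$nics = @(Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses })

foreach ($nic in $nics) {
    $issues = @(Test-DcDnsOrder -OwnAddresses $own -DnsServers $nic.ServerAddresses `
        -PartnerDcs $PartnerDcs -MultipleDcs $MultipleDcsInSite.IsPresent)

    foreach ($server in $nic.ServerAddresses) {
        # Every listed server must be able to locate DCs for the AD domain.
        $srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$DomainName" -Type SRV `
            -Server $server -DnsOnly -ErrorAction SilentlyContinue
        if (-not $srv) {
            $issues += "$server did not return DC locator SRV records for $DomainName."
        }
    }

    [pscustomobject]@{
        Interface  = $nic.InterfaceAlias
        DnsServers = $nic.ServerAddresses -join ', '
        Issues     = if ($issues) { $issues -join ' | ' } else { 'none' }
    }
}
```

Once the order is clean, `dcdiag /test:dns` and `repadmin /replsummary` confirm that DNS registration and replication with the head-office DCs are healthy.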

Similar Messages

  • We want to purchase new server for our server room

    We want to purchase a new server for our server room. Please let me know how to get it directly from HP. We also want a backup server with that.
    Please help us to find out the best option.
    With Best Regards

    Greetings,
    Welcome to the HP Forum.
    Please provide the following information:
    Customer / Your Region/Country
    Products interest (prod. names)
    If you can do that, I can send along the information to HP and seek the correct contacts for you.
    Thanks!
    Although I strive to reflect HP's best practices, I do not work for HP. 
    Kind Regards,
    Dragon-Fur

  • Externally Hosted DNS - How do I set up my 2003 DNS server for sub domain to point to internal IP address??

    I have a domain name (domain.com) DNS hosted at my ISP. I also have 3 sub domains DNS hosted at the same ISP pointing to various external IP addresses (mail.domain.com, vpn.domain.com and ts.domain.com). We want to set up sales.domain.com to point to an internal 10. IP address. We have AD integrated DNS servers for our 2003 AD domain. The AD domain name is totally different than the hosted domain name in question. I currently edit the hosts file for a couple of PCs but this isn't practical company wide, so I want to add entries on our internal AD DNS servers to resolve the locally hosted site. If I recall, someone once told me that you cannot just put an A record for one sub domain; I would have to have entries on my 2003 DNS server to resolve anything related to the domain.com name. Is this accurate? If so, what is the proper way to configure my 2003 AD DNS server to resolve anything domain.com related for my internal users while still allowing my ISP to do the DNS lookup for the internet?

    On my 2003 AD integrated DNS server... I right-click forward lookup zone and choose... new zone... primary zone (store zone in AD checkbox checked)... I chose to all DNS servers in the AD domain for replication... zone name sales.domain.com... allow secure updates option... then I added an A record in that zone... sales.domain.com... pointed that towards my internal 10. IP address... is this correct? It seems to be working correctly for the sales.domain.com DNS record... and I tested the other sub domains... and those look like they are going to my ISP for DNS resolution...
    Is this the correct procedure? I did this on a test AD domain and not my production... I want to make sure I don't break everything under the domain.com by incorrectly adding 1 sub domain.

  • Configuring Mountain Lion Server for iOS MDM

    Hi all,
    I am an admitted newbie to the Mac world. That said, I am in the process of setting up an OsX 10.8 server to handle the MDM for our iPad deployment. This is in a school district that runs all Windows in Active Directory.
    I attempted to do the setup with no luck. So, I tried to reset the server back to the defaults and found that the settings I had made previously were still there.
    What I need to know is how should I go about getting back to essentially scratch with this setup? Once I have that, what is the correct setup process to get me to where I can enroll the iPads to do the wireless MDM? We do not need to have access to the server from any other devices. No other services are needed like email, file shares etc. We have several sites on many different subnets but all on the same network.
    A few specifics I do need to know is which network configuration would be preferred for our type of network? I'm thinking Private since everything will be handled internally. Also, regarding the certificates, is an SSL certificate required? And last, I read that there are some TCP ports that need to be opened. Is this required if we are running strictly internal with this?
    Sorry for rambling on and my inexperience. I appreciate any help anyone can give.
    Thanks!

    You can use .private but if there is EVER the possibility that this would be used outside your LAN, then I would use a FQDN.
    You do not need a commercial certificate. A self-signed will work fine.
    The default self-signed has a 1 year expire. If you don't want to deal with updating the cert in a year, I would create a new 5 year cert.
    This option is harder to find now with mountain lion.
    From the Certificates section in Server, first click the gear and choose 'show all certificates', then hit the + button and choose 'Create a trusted certificate'. You will see a button to override defaults. This allows you to have a different expire date.
    You can reset the profile manager data (stored in postgres) with:
    sudo /Applications/Server.app/Contents/ServerRoot/usr/share/devicemgr/backend/wipeDB.sh

  • Do I need to run local DNS server for NAT/DHCP to work?

    Hello,
    I'm coming across all kinds of explanations how to set up a server for public access, having a static IP and a pointed domain, but I have a dynamic public IP and don't need the server to be accessible through a domain name. I just want all the computers in my office to connect to the web over 1 cable connection. I've used Gateway Setup Assistant to set up NAT and DHCP and DNS and what not, but it didn't work out of the box. After some bootpd.plist fixes I now have DHCP working, it's handing out IP addresses, but all LAN connected machines cannot get onto the web, only the server can.
    What am I doing wrong? Should I configure my DNS server differently? Or should it not be on at all, couldn't the local machines use my ISP's DNS servers?
    Currently DNS is configured like this:
    Settings are:
    accept recursive queries from the following networks: localnets
    forwarder IP addresses: (empty)
    Zones are:
    private. primary zone
    134.23.24.in-addr.arpa. reverse zone

    Though still a valid question for others I guess, I got my DNS working. The network preferences didn't have external DNS servers configured for the local network interface.

  • Cisco Catalyst 6500 version 12.2(33)SXI13 configured as DHCP server for a VLAN responds to Windows 7 client with status code NOA

    Can anyone help figure out why the Catalyst 6509 is not able to assign an IPv6 address? Thank you.
    Cisco Catalyst 6500 version 12.2(33)SXI13 configured as DHCP server for a VLAN responds to Windows 7 client with status code NOADDRS-AVAIL(2). My configuration on the 6500 for the DHCPv6 server is:
    ipv6 dhcp database disk0://DHCPV6-DB
    ipv6 dhcp pool VLAN206IPV6
     prefix-delegation pool VLAN206IPV6-POOL
     dns-server 2620:B700:0:1001::53
     domain-name global.bio.com
    ipv6 local pool VLAN206IPV6-POOL 2620:B700:0:12C7::/65 65
    interface Vlan206
     description *** IPv6 Subnet ***  
     ip address 10.2.104.2 255.255.255.0
     ipv6 address 2620:B700:0:12C7::2/64
     ipv6 nd prefix 2620:B700:0:12C7::/64 14400 14400 no-autoconfig
     ipv6 nd managed-config-flag
     ipv6 dhcp server VLAN206IPV6
     standby version 2
     standby 0 ip 10.2.104.1
     standby 0 preempt
     standby 6 ipv6 2620:B700:0:12C7::1/64
     standby 6 preempt
    I'm getting a result from my debug as follows:
    Apr 10 16:28:02.873 PDT: %LINK-3-UPDOWN: Interface GigabitEthernet2/2, changed state to up
    Apr 10 16:28:02.873 PDT: %LINK-SP-3-UPDOWN: Interface GigabitEthernet2/2, changed state to up
    Apr 10 16:28:02.877 PDT: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet2/2, changed state to up
    Apr 10 16:28:03.861 PDT: IPv6 DHCP: Received SOLICIT from FE80::5D5E:7EBD:CDBF:2519 on Vlan206
    Apr 10 16:28:03.861 PDT: IPv6 DHCP: detailed packet contents
    Apr 10 16:28:03.861 PDT:   src FE80::5D5E:7EBD:CDBF:2519 (Vlan206)
    Apr 10 16:28:03.861 PDT:   dst FF02::1:2
    Apr 10 16:28:03.861 PDT:   type SOLICIT(1), xid 8277025
    Apr 10 16:28:03.861 PDT:   option ELAPSED-TIME(8), len 2
    Apr 10 16:28:03.861 PDT:     elapsed-time 101
    Apr 10 16:28:03.861 PDT:   option CLIENTID(1), len 14
    Apr 10 16:28:03.861 PDT:     00010001195FD895F01FAF10689E
    Apr 10 16:28:03.861 PDT:   option IA-NA(3), len 12
    Apr 10 16:28:03.861 PDT:     IAID 0x0FF01FAF, T1 0, T2 0
    Apr 10 16:28:03.861 PDT:   option UNKNOWN(39), len 32
    Apr 10 16:28:03.861 PDT:   option VENDOR-CLASS(16), len 14
    Apr 10 16:28:03.861 PDT:   option ORO(6), len 8
    Apr 10 16:28:03.861 PDT:     DOMAIN-LIST,DNS-SERVERS,VENDOR-OPTS,UNKNOWN
    Apr 10 16:28:03.861 PDT: IPv6 DHCP: Option IA-NA(3) is not supported yet
    Apr 10 16:28:03.861 PDT: IPv6 DHCP: Sending ADVERTISE to FE80::5D5E:7EBD:CDBF:2519 on Vlan206
    Apr 10 16:28:03.861 PDT: IPv6 DHCP: detailed packet contents
    Apr 10 16:28:03.861 PDT:   src FE80::21D:E6FF:FEE4:4400
    Apr 10 16:28:03.861 PDT:   dst FE80::5D5E:7EBD:CDBF:2519 (Vlan206)
    Apr 10 16:28:03.861 PDT:   type ADVERTISE(2), xid 8277025
    Apr 10 16:28:03.861 PDT:   option SERVERID(2), len 10
    Apr 10 16:28:03.865 PDT:     00030001001DE6E44400
    Apr 10 16:28:03.865 PDT:   option CLIENTID(1), len 14
    Apr 10 16:28:03.865 PDT:     00010001195FD895F01FAF10689E
    Apr 10 16:28:03.865 PDT:   option STATUS-CODE(13), len 15
    Apr 10 16:28:03.865 PDT:     status code NOADDRS-AVAIL(2)
    Apr 10 16:28:03.865 PDT:     status message: NOADDRS-AVAIL

    Hello,
    maybe hitting the following bug.
    IPv6 Address Assignment Support for IPv6 DHCP Server
    CSCse81385
    Hope this helps

  • We are using the Azure server for our web services. Server is generating an error "Unable to connect to the remote server". What does this error mean?

    We are using the Azure server for our web services. Server is generating an error "Unable to connect to the remote server". What does this error mean?

    Hello,
    Do you mean that you use the Windows Azure Virtual Machine DNS name as the server name in the Reporting Server Web Services URL?
    For example:
    Report server: http://uebi.cloudapp.net/reportserver
    Report manager: http://uebi.cloudapp.net/reports
    If you want to connect to Report Manager on the virtual machine from a remote computer, you should create a virtual machine TCP Endpoint and open the port in the virtual machine's firewall. By default, the report server listens for HTTP requests on port 80.
    Reference: http://msdn.microsoft.com/en-us/library/jj992719.aspx#bkmk_ssrs_connect_2_remote_RM
    Regards,
    Fanny Liu
    TechNet Community Support

  • GSS as primary DNS Server for Intranet

    Hi,
    Can the GSS be used as a primary DNS server for Intranet? An additional DNS server can be configured to answer the unknown records like MX by GSS.
    If it can be configured, I would be thankful if anyone shares with me the brief configuration steps apart from configuring Answers, answer groups, domain lists, source address lists, DNS rules.
    with thanks
    sathappan

    Yeah I'd certainly recommend against it! So essentially the client machines are unable to update or query dynamic AD related DNS records since they're not pointing to the DNS servers actually used by your AD server(s). I could well imagine that causing issues, and meaning that some AD functionality won't work correctly.
    I know you can directly integrate BIND with AD, e.g. so that the BIND servers are the ones used by AD, though I haven't tried it, but this seems to be neither.
    I can't find any articles relating to your exact situation, presumably no one else has tried to use such a mixed and disjoined setup. I'd focus on looking for articles relating to why you shouldn't point your users at a router (most commonly in small setups on ADSL) for the DNS rather than directing them to the server for DNS and then having that query the router for external results. It's a more common scenario and you're more likely to find articles relating to it.
    One article you might find useful is http://msmvps.com/blogs/acefekay/archive/2009/08/17/ad-and-its-reliance-on-dns.aspx which talks in terms of using your ISP's DNS servers on the client machines, but in your situation it sounds like the BIND servers are essentially providing an equivalent setup.
    There are also various discussions and comments on the topic elsewhere on these forums, for instance
    http://social.technet.microsoft.com/Forums/windowsserver/en-US/c3ba3859-765e-4b3f-add0-eaf2c18e1068/i-have-dns-in-a-router-and-i-want-to-install-domain-controller?forum=winservergen and
    http://social.technet.microsoft.com/Forums/windowsserver/en-US/b5df8fd4-7ab2-4d1e-afe2-c5263c4d69c3/dns-server-forwarding-and-clients-getting-address-of-registrars-ip?forum=winserverNIS which are worth checking out.

  • Dns server for specific domain

    Is there a way to define a DNS server for a specific domain?
    I'm setting up a development machine with an AMP stack and I want to redirect all URLs with a specific domain (i.e. project.dev) to 127.0.0.1.
    I've done this on OSX with dnsmasq configured in this way:
    # dnsmasq.conf
    address=/.dev/127.0.0.1
    listen-address=127.0.0.1
    port=35353
    and adding a dev file in /etc/resolver with this content
    # /etc/resolver/dev
    nameserver 127.0.0.1
    port 35353
    but this doesn't work in Arch Linux with dhcpd.
    I've tested dnsmasq with
    dig [email protected] -p 35353
    and it works (the address returned is 127.0.0.1) so the problem is the resolver.
    I've also tried putting this into /etc/resolv.conf.head:
    # /etc/resolv.conf.head
    nameserver 127.0.0.1
    port 35353
    and configure dnsmasq with the default 53 port without luck.
    This is my /etc/resolv.conf
    # /etc/resolv.conf
    nameserver 127.0.0.1
    nameserver 192.168.0.1

    On Linux you should simply run all DNS requests through one nameserver that forwards everything it doesn't understand. [Edit: You can do that with dnsmasq.] Another simple way to create a local developer zone would be to use wildcard_dns_proxy instead.
    Last edited by progandy (2015-03-03 17:20:29)

  • Need a rack server for our company

    Hi,
    We are looking for a rack server for our organisation.
    Hardware specs we are looking for:
    Dual processor
    about 128GB RAM
    2-4tb of Hard Drive Space
    1GB ethernet
    Need product description and price details for it.
    Thanks,
    Sanjeev
    9872284774

    Hi,
    Depending what your server is (shape and size) and you plan for future usage not CPU, RAM or anything inside. Please check the following lists:
       http://www.4cabling.com.au/server-racks-network-cabinets.html
       http://www.ebay.com.au/bhp/server-rack-cabinet
    Note: You can buy rack(s) from any supplier, no need IBM or HP or Dell .... racks (actually they are more expensive than racks from companies which sell racks/cabinets).
    Regards.
    BH

  • Error CIM_ERR_FAILED - Configure the integration server for sld

    Hi,
    I'm running the Configuration Wizard SLD in "PI_00_This wizard will execute Postinstall steps of technical configuration for the PI Usage". In step 33/142, Configure the integration server for sld, I got the following error:
    Error: CIM_ERR_FAILED: Qualifier MAX(1) violated for property reference SAP_XIIntegrationServerLogicalIdentity.SameElement
    Can someone help me?
    Regards,

    The version is 7.0. I skipped this step and finished with success. The following steps did not run:
    PI_00_This wizard will execute Postinstall steps of technical configuration for the PI Usage  Cancelled
    PI_01_This template checks if the necessary services are started                                         Cancelled
    PI_05_This wizard will configure the integration server for sld                                                 Incompletely executed
    These steps are with the same error.
    Error: CIM_ERR_FAILED: Qualifier MAX(1) violated for property reference SAP_XIIntegrationServerLogicalIdentity.SameElement

  • Publish request fails for our new issue.

    Publish request fails for our new issue. Is it the service or subscription problem? How do I find out?
    Thanks.

    It was neither.
    Rebuilding the folio and uploading it again has solved my problem.

  • Configure proxy and dns server for a single URLConnection

    Hello!
    I am relatively new to network programming in Java so I was looking for a solution to set a DNS server and a PROXY server for one SINGLE UrlConnection. The settings should only be used in one thread, while another thread maybe has different settings.
    The most suggestions I found on the net looked like follows:
    Proxy:
    System.setProperty("proxyPort","8080");
    System.setProperty("proxyHost","proxy");
    DNS Server
    sun.net.spi.nameservice.provider.<n>=<default|dns,sun|...>
    sun.net.spi.nameservice.nameservers=<server1_ipaddr,server2_ipaddr ...>
    sun.net.spi.nameservice.domain=<domainname>
    The problem is that both solutions are not thread safe and the settings are valid system wide (as far as I understand). In my application a lot of different workerThreads open a connection to a remote server via URLConnection, for example:
    URL url = new URL("http://www.sun.com");
    HttpURLConnection con = (HttpURLConnection) url.openConnection();
    In the worst case 200 different workerThreads open a connection nearly at the same time. If the worst case happens one workerThread changes the DNS and PROXY settings and in the next step another thread which already has set DNS and proxy tries to connect to a specified server with wrong DNS and proxy settings.
    One solution would be to synchronize the whole method that configures the connection and tries to connect to a remote server but that would be a very bad solution for me, because all other threads have to wait until the last thread has finished.
    My question: Is there a possibility to configure a different DNS server and a different PROXY server for each URLConnection, for example something like:
    URL url = new URL("http://www.sun.com");
    HttpURLConnection con = (HttpURLConnection) url.openConnection();
    con.setProxyHost("proxy");
    con.setProxyPort("3128");
    con.setProxyUsername("user");
    con.setProxyPassword("pass");
    con.setDNS("85.27.63.2");
    Thanks in advance for your answers.
    Kind regards,
    Buliwyf

    Mainly because it's in the spec. I did not figure out exactly why it is necessary to use different dns servers. Let me give you a quick glimpse what the application should do:
    The application checks if a URL is still available and returns an XML file with a return code (401 for example), connection time, an extract of the source code and other information. This event repeats periodically (every 10 s, 20 min...). Therefore the customer has a good overview of the availability of his websites.
    The customer himself controls the process with an XML configuration file that is read on the startup of the application. In the XML file you can find information like: connection timeout, http proxy, https proxy, used user agents, preferred request method (post or get) and regretfully even the DNS server that should be used.
    Regretfully I don't have a chance to get the dns removed from the spec. The GUI which delivers the xml is already implemented and won't be changed.

  • Moving from Exchange 2007 to 2013 (leaving the DNS Server for it's own dedicated server)

    Hello! I am quite new to Exchange and Server management in general. I will do my best to explain my situation.
    I am looking to move my Exchange server off of our DNS server. When we installed them on the same server, we did not have the funds to buy 2 separate servers. I am told that it is best to separate the two. I have followed the Microsoft instructions for installing the prerequisites for Exchange 2013 on a 2012 R2 server, and I am at the point where it wants me to configure AD LDS. As I have Active Directory running on the current server, I was a little hesitant to just install it without understanding what I am doing.
    After the AD LDS is configured, I believe I can move forward with installing Exchange 2013 (all 3 roles will be hosted on the new server), export the mailboxes from the 2007 server and import them into the new Exchange 2013 server. After 2013 is up and stable, I plan on removing 2007 from the old server (DNS server).
    What are my next steps after importing the mailboxes? Am I missing important details that I need to change or migrate?
    My biggest fear is that nothing works after the installation and moving the mailboxes over. For that case, it makes sense to keep 2007 installed as a fallback for when my installation fails and all I have lost is just my time :)
    Current Server:
    Windows Server 2008 Standard (64 bit)
    1. Roles: Active Directory, DNS, IIS
    2. Software: Exchange 2007
    New Server:
    Windows 2012 R2 Server
    1. Roles: ???
    1. Software to install: Exchange 2013
    Thank you for any help you can provide!

    These are good resources, but I am still caught up with the Active Directory issue. Am I able to keep the old Domain/DNS/Active Directory on its current server and move Exchange 2007 off onto a new server (with Exchange 2013)?
    In the first example, he is moving everything (domain controller, Exchange, users, etc.) onto a different server and decommissioning it. I've been told that it would be better practice to keep the domain and Exchange on 2 different servers. Is this true?
    I go to run commands like:
    .\setup /PrepareAD /OrganizationName: orgname /IAcceptExchangeServerLicenseTerms
    on the new Exchange server, as a prerequisite, and it doesn't recognize the command - even after following the steps before. Is this because the new server is not a domain controller? Does it have to be? What are the best practices for setting up a server(s) with Exchange + domain controller?
    Thanks for responding.

  • How to use DNS server for name resolution for items which don't exist in active directory domain controller DNS

    Dear Experts,
    In our office we have a domain controller, call it 'Office.com'. All computers and corporate servers, e.g. Exchange, antivirus etc., are members of this 'office.com'; it also has a DNS. All users in the office have their preferred DNS set to the corporate DNS.
    We are working for the ministry and offering services to them from our data center, so we have many servers which are for the ministry but they are in our data center. For all these servers we created another DNS server which contains all entries for these servers in forward and reverse lookup zones. In this DNS we also created a forward lookup zone for our corporate servers and the zone name is 'office.com'.
    What we are trying to have is name resolution of all servers which are listed in the other DNS, built in our office on Win 2008 R2 for ministry servers.
    If the user changes his preferred DNS to the ministry DNS he can resolve the ministry server, but then we cannot control anything through group policy since they are using the other DNS and not the corporate DNS.
    How can this be done? Any group policy applied to the corporate domain controller must take effect on users, and in addition to this the user must also be able to resolve server names in the ministry project DNS.
    Please assist ASAP.
    regards,

    Hello,
    OK, so the GPO setting doesn't apply in any case.
    Client machines use the first DNS server in the list of configured ones on the NIC. If that one is available, the search for additional DNS servers will stop.
    What I cannot really understand is your description of the second DNS server. This should normally be either another DC with AD integrated DNS, so everything is replicated within AD replication, or you use a secondary DNS on a domain member server that pulls the information from the Master.
    It sounds to me like you have configured a machine with the DNS server role and manually created the zone with the same name as the domain and manually created the required A records there?
    Best regards
    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/
    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
