Migrate DNS Zones to New DNS environment

11 05 2011

My client needed to transfer DNS zones from one network to another. Unfortunately, we couldn't integrate the DNS zones with AD (public-facing DNS) and the two networks couldn't talk to each other, so there was no way to do this completely automated.

Here is how the new DNS infrastructure was configured:

dnsservername1 – Primary DNS Server

dnsservername2 – Secondary DNS Server

Both DNS servers have been configured with recursion disabled, which also disables forwarders. This prevents the DNS server from resolving names in zones that haven't been added to it. For example, if someone used dnsservername1 to resolve www.yahoo.com, the query would fail.

Here is how I added the new DNS zones from the old DNS server.

1. Copied all .dns zone files from c:\windows\system32\dns on the old server to dnsservername1 (same location).

2. Exported the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DNS Server\Zones from "olddnsserver". Within the exported .reg file I deleted all of the reverse lookup zones and secondary zones, then imported it on dnsservername1.

3. Restarted the DNS service on dnsservername1, which made the zones show up in DNS.

4. Changed the SOA and Name Server records of every zone to dnsservername1 and added dnsservername2 as a Name Server. Configured Zone Transfers to "Only to servers listed on the Name Servers tab".

5. Exported the list of zones from dnsservername1 using the following command:

a. Get-WmiObject -ComputerName dnsservername1 -Namespace "root\MicrosoftDNS" -Class "MicrosoftDNS_Zone" | ForEach-Object { $_.Name } | Out-File -FilePath c:\temp\dnszones.txt

6. Copy dnszones.txt to dnsservername2 (c:\temp)

7. Imported the secondary DNS zones on dnsservername2 using the following script.

## Change $ServerName to the FQDN of dnsservername2 and "IP Address" to the IP of dnsservername1 (the master)
$ServerName = "dnsservername2 fqdn"
$ZoneList = "c:\temp\dnszones.txt"

# One zone name per line, as produced by the Get-WmiObject export in step 5
$zones = Get-Content $ZoneList

foreach ($zone in $zones) {
    # CreateZone(ZoneName, ZoneType, DsIntegrated, DataFileName, IpAddr)
    # ZoneType 1 = secondary; IpAddr is the list of master servers to transfer from
    $NewZone = ([WMIClass]"\\$ServerName\root\MicrosoftDNS:MicrosoftDNS_Zone").CreateZone($zone, 1, $False, "", @("IP Address"))
}

8. Restarted the DNS service on dnsservername2 and waited for the zones to transfer.
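As an added check that is not part of the original post, the following script compares both servers after step 8: every zone in dnszones.txt must exist on both, be a secondary on dnsservername2, have transfers restricted on dnsservername1 (step 4) and carry the same SOA serial on both sides. The server names are the post's; the meanings of the ZoneType and SecureSecondaries values are my reading of the MicrosoftDNS WMI class and are assumptions.

```powershell
# Added verification script (not from the original post). Assumes WMI access to both servers.
$Primary   = "dnsservername1"
$Secondary = "dnsservername2"
$ZoneList  = "c:\temp\dnszones.txt"
$Ns        = "root\MicrosoftDNS"

# Zone names to verify: the list exported in step 5, minus blank lines.
$expected = Get-Content $ZoneList | Where-Object { $_.Trim() -ne "" }

$primaryZones   = Get-WmiObject -ComputerName $Primary   -Namespace $Ns -Class MicrosoftDNS_Zone
$secondaryZones = Get-WmiObject -ComputerName $Secondary -Namespace $Ns -Class MicrosoftDNS_Zone

# Returns the SOA serial a server holds for a zone ($null if the zone has no SOA yet).
function Get-Serial($Server, $Zone) {
    $soa = Get-WmiObject -ComputerName $Server -Namespace $Ns -Class MicrosoftDNS_SOAType `
        -Filter "ContainerName='$Zone'"
    if ($soa) { $soa.SerialNumber } else { $null }
}

$problems = @()
foreach ($name in $expected) {
    $p = $primaryZones   | Where-Object { $_.Name -eq $name }
    $s = $secondaryZones | Where-Object { $_.Name -eq $name }

    if (-not $p) { $problems += "$name : missing on $Primary"; continue }
    # SecureSecondaries 0 = any host may pull the zone; step 4 wanted 1 (only listed name servers).
    if ($p.SecureSecondaries -eq 0) { $problems += "$name : zone transfer open to any server on $Primary" }
    if (-not $s) { $problems += "$name : missing on $Secondary"; continue }
    # MicrosoftDNS_Zone.ZoneType 2 = Secondary (assumption; CreateZone's argument used 1 for secondary).
    if ($s.ZoneType -ne 2) { $problems += "$name : not a secondary on $Secondary (ZoneType=$($s.ZoneType))" }
    # A missing SOA or a serial mismatch means the first transfer has not completed yet.
    $pSerial = Get-Serial $Primary $name
    $sSerial = Get-Serial $Secondary $name
    if ($sSerial -eq $null -or $pSerial -ne $sSerial) {
        $problems += "$name : serial $pSerial on primary vs $sSerial on secondary"
    }
}

if ($problems.Count -eq 0) { "All $($expected.Count) zones verified." } else { $problems }
```

Re-run it after the SOA refresh interval if serials still differ; a zone that never catches up usually has a wrong master IP in the CreateZone call.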





DNS Queries Fail on 2008 R2

20 01 2011

Keep this DNS issue in the back of your head when migrating from 2003 to 2008 R2, as Microsoft didn't allow for backwards compatibility with EDNS. Essentially, when the internal DNS box queries an external DNS source, the query fails if the packet is larger than 512 bytes or the remote DNS server doesn't support EDNS. EDNS was turned on by default in Server 2008 R2, which is why it was never an issue with 2003, 2003 R2 and 2008.

DNS queries failing on DNS servers that run Windows Server 2008 R2

Extension mechanisms for DNS (EDNS) are enabled by default on Windows Server 2008 R2. If queries that used to work on DNS servers running Windows 2000, Windows Server 2003 or Windows Server 2008 start failing after those servers are upgraded or replaced with Windows Server 2008 R2 DNS servers, or if names the old DNS servers can resolve cannot be resolved by the 2008 R2 servers, disable EDNS probes with the following command:

dnscmd /Config /EnableEDnsProbes 0

Here are a few articles to support the finding.

http://technet.microsoft.com/en-us/library/upgrade-domain-controllers-to-windows-server-2008-r2(WS.10).aspx

http://support.microsoft.com/kb/832223

http://weblogs.asp.net/owscott/archive/2009/09/15/windows-server-2008-r2-dns-issues.aspx





Create Global Name Zone

20 10 2010

What is a GlobalNames zone? It is a feature in Server 2008 that provides single-label name resolution to replace WINS. WINS is an IPv4-only technology, so if you are migrating to IPv6, WINS will no longer be an option. Here is how you enable a GlobalNames zone on a Server 2008 DNS server.

1. On your DNS server, open a command prompt and type dnscmd /config /enableglobalnamessupport 1

2. Create a new forward lookup zone called GlobalNames.

3. Add a CNAME record for each name you would like single-label resolution for.





DNS issue with a Single Label Domain

4 02 2010

Clients and servers have issues dynamically registering DNS records in a single label domain.  Here are the steps to resolve this issue.

Problem: http://support.microsoft.com/kb/300684

Resolution: http://windowsitpro.com/article/articleid/96707/register-dns-records-in-a-single-label-domain.html





Add Secondary DNS Zones

20 01 2010

# This script will pull a list of DNS zones from a file and add them to a DNS server as secondary zones.
# Change $ServerName to the FQDN or IP of the DNS server that will host the secondary zones
# Modify $ZoneList for the location of the file with the list of zones (one zone name per line)
# Written by Brady Randolph
# 01/20/2010

$ServerName = "FQDN"
$ZoneList = "c:\zonelist.txt"
$zones = Get-Content $ZoneList

foreach ($zone in $zones) {
    # CreateZone(ZoneName, ZoneType, DsIntegrated, DataFileName, IpAddr)
    # ZoneType 1 = secondary; the last argument is the master server(s) to transfer from
    $NewZone = ([WMIClass]"\\$ServerName\root\MicrosoftDNS:MicrosoftDNS_Zone").CreateZone($zone, 1, $False, "", @("172.16.2.10"))
}







