DNS Settings for Domain Controllers
- 
 Just wanted to confirm the settings I use for AD DNS in a two-DC setup. Is the primary DNS itself or the other server? I cannot for the life of me remember... Thanks, 
 A.J.
- 
 I've always set it up so that the primary is itself, with the tertiary being the secondary. Not sure if that is right or wrong. 
- 
 Always itself as primary. You never want lookups going to a high latency source. 
- 
 This isn't a DC thing. This is basics of DNS servers. DNS servers always use themselves first for a lookup. Then their mates, nearest first. 
- 
 @scottalanmiller said: This isn't a DC thing. This is basics of DNS servers. DNS servers always use themselves first for a lookup. Then their mates, nearest first.
 That's what I figured, but I wanted to confirm. Thanks! 
- 
 Next question...to make it a second DC, do I join it to the domain and then install the roles, or install the AD roles and then it will join automatically? I've never set up a second DC before... 
- 
 @thanksajdotcom said: Next question...to make it a second DC, do I join it to the domain and then install the roles, or install the AD roles and then it will join automatically? I've never set up a second DC before...
 Just install the AD role after joining to the domain. Takes care of everything. 
- 
 @scottalanmiller said:
 @thanksajdotcom said: Next question...to make it a second DC, do I join it to the domain and then install the roles, or install the AD roles and then it will join automatically? I've never set up a second DC before...
 Just install the AD role after joining to the domain. Takes care of everything.
 Sweet. Thanks! 
- 
 Machine is joined to the domain and renamed to what makes sense to me. Now I just need to let updates finish and I'll reboot for it all at once.  
- 
 The server had 131 updates to do on the first round. It's been on 86/131 for a bit now, so it must be a decent-sized one. 
- 
 @scottalanmiller said: Always itself as primary. You never want lookups going to a high latency source.
 That is unless you are adding a new DC in another subnet you will need to set the primary as the DNS as another DC first until you promote it and it replicates. For some reason I've found when doing DCpromo it doesn't fail over to the second DNS a lot of times. 
- 
 @thecreativeone91 said: That is unless you are adding a new DC in another subnet you will need to set the primary as the DNS as another DC first until you promote it and it replicates. For some reason I've found when doing DCpromo it doesn't fail over to the second DNS a lot of times.
 That's always the case. You can't point DNS to itself until after it's a full-fledged, working DNS server. Have to do things in order. 
- 
 @scottalanmiller said:
 @thecreativeone91 said: That is unless you are adding a new DC in another subnet you will need to set the primary as the DNS as another DC first until you promote it and it replicates. For some reason I've found when doing DCpromo it doesn't fail over to the second DNS a lot of times.
 That's always the case. You can't point DNS to itself until after it's a full-fledged, working DNS server. Have to do things in order.
 Well I think in the same subnet I usually have just left it DHCP set until it was up so that makes sense, since no clients would be contacting it. 
- 
 @thecreativeone91 said: Well I think in the same subnet I usually have just left it DHCP set until it was up so that makes sense, since no clients would be contacting it.
 That makes sense. But would qualify as setting the DNS to point to the other server. Whether static or DHCP, same setting in the end. 
- 
 Got the second DC set up and trust is established between the two servers and we're good! 
- 
 Well, I think...I'm pretty sure... 
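
The sequence the thread settles on (resolve through the existing DC, join, add the AD role, and only then list the server itself first), sketched as a staged PowerShell script. This is an added example, not something posted by anyone in the thread; the domain name, IP addresses, interface alias and the `Test-DcLocator` helper are hypothetical placeholders.

```powershell
# Added example. Domain, addresses and interface alias are constructed placeholders.
param(
    [ValidateSet('Join', 'Promote', 'Finalize')]
    [string]$Stage     = 'Finalize',
    [string]$Domain    = 'corp.example',   # placeholder AD DNS domain
    [string]$SelfIp    = '192.0.2.11',     # placeholder: this server
    [string]$PartnerIp = '192.0.2.10',     # placeholder: existing DC running DNS
    [string]$Nic       = 'Ethernet'        # assumed interface alias
)

function Test-DcLocator {
    # True only if the DNS server at $Server returns the domain's DC locator SRV records.
    param([string]$Server, [string]$Domain)
    try {
        $answer = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV `
            -Server $Server -DnsOnly -ErrorAction Stop
        return [bool]($answer | Where-Object { $_.Type -eq 'SRV' })
    } catch {
        return $false
    }
}

switch ($Stage) {
    'Join' {
        # Before promotion the server is not a DNS server yet: resolve through the existing DC.
        Set-DnsClientServerAddress -InterfaceAlias $Nic -ServerAddresses $PartnerIp
        Add-Computer -DomainName $Domain -Credential (Get-Credential) -Restart
    }
    'Promote' {
        Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
        Install-ADDSDomainController -DomainName $Domain -InstallDns `
            -Credential (Get-Credential) `
            -SafeModeAdministratorPassword (Read-Host -AsSecureString -Prompt 'DSRM password')
    }
    'Finalize' {
        # Point at self only once the local DNS service serves the replicated zone.
        if (-not (Test-DcLocator -Server $SelfIp -Domain $Domain)) {
            Write-Warning "Local DNS does not answer for $Domain yet; leaving $PartnerIp as resolver."
            return
        }
        Set-DnsClientServerAddress -InterfaceAlias $Nic -ServerAddresses $SelfIp, $PartnerIp
        Get-DnsClientServerAddress -InterfaceAlias $Nic -AddressFamily IPv4
    }
}
```

Run one stage per boot (`-Stage Join`, then `-Stage Promote`, then `-Stage Finalize`); the `Finalize` stage changes nothing until the new DC's own DNS service returns the domain's SRV records.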

