Home / server / Questions / 419658
Accepted
northben
Asked: 2012-08-22 06:30:04 +0800 CST

How to speed up AD integrated DNS zone replication? Server 2008 r2

  • 772

I have about a hundred DNS zones that I need to convert from being not AD integrated to be AD integrated. I want to do this with minimal downtime. So far, my process is:

  1. Change DNS zone on one DNS server (also domain controller) to be AD integrated
  2. Delete the DNS zone from the DNS server where it is the secondary zone (also a domain controller)
  3. Wait a period of minutes for the zone to be replicated to the second server at this site.
  4. We actually have two sites involved with this, so we have to wait even longer for the replication to the second site

Is there some way to speed up DNS replication between: servers on the same site, and servers at different sites? We have Server 2008 R2 DNS/DCs, and at the 2003 domain functional level.

domain-name-system

5 Answers

  1. Best Answer

    Sure is.

    Cause Immediate Replication

    If you want replication to occur immediately instead of waiting for the typical replication cycle, follow these steps:

    1. In Administrative Tools, start Active Directory Sites and Services.
    2. Expand Sites. There should be at least one site labeled "default-first-site-name" (or others if they have been manually configured).
    3. Expand default-first-site-name, expand Servers, and then expand Computer.
    4. Expand NTDS Settings. One or more objects are listed in the right pane. One of those objects is a link to the domain controller you want. To see the "friendly" name, right-click an entry and view the name. One of the objects points to the domain controller you want. Right-click that entry, and then click Replicate Now. The replication is performed immediately.

    Note: The time it takes to update the target controller depends on network performance.

    • 19

  2. The OP has probably moved on to other things by now but there is one piece missing from the other answers.

    I found the solution on a blog (alexwinner.com, 2012-08-30, Polling interval of an Active Directory Integrated zone by the DNS Service (edit: link removed: see edit history)).

    • 7

  3. If you want something ticking over in the background, use repadmin: Repadmin

    I've used this to do pretty much the same thing. Don't replicate everything, you only need to replicate the dnsDomain partition (i think the DN is dc=domaindnszones,dc=yourdomain,dc=co,dc=uk).

    If I was at work right now, I could dig out a working example.

    --- EDIT 22/08/2012 ---

    Example of repadmin:

    %SystemRoot%\System32\repadmin.exe /replicate <target_dc> <source_dc> DC=DomainDnsZones,DC=domain,DC=co,DC=uk
    • 6

  4. You don't specify what Windows version your DNS server(s) are running or what Windows version your Domain Controller(s) are running, but intrasite replication generally occurs within 15 seconds (to the nearest replication partner in the same site) while intersite replication occurs every 180 minutes and can be changed in ADS&S as HopelessN00b stated in his answer.

    • 2

  5. Try this, worked in my situation albeit a different situation. After removing the secondary zone and changing the primary zone to ad domain integrated zone, first ensure the zone transfers are setup correctly then reload the zone on the primary. In my case reloading the zone on primary forced the immediate sync to the other dns servers specified in the name servers tab.

    • 0