How to speed up AD integrated DNS zone replication? Server 2008 R2
I have about a hundred DNS zones that I need to convert from being not AD integrated to be AD integrated. I want to do this with minimal downtime. So far, my process is:
- Change DNS zone on one DNS server (also domain controller) to be AD integrated
- Delete the DNS zone from the DNS server where it is the secondary zone (also a domain controller)
- Wait a period of minutes for the zone to be replicated to the second server at this site.
- We actually have two sites involved with this, so we have to wait even longer for the replication to the second site
Is there some way to speed up DNS replication between: servers on the same site, and servers at different sites? We have Server 2008 R2 DNS/DCs, and at the 2003 domain functional level.
Solution 1:
Sure is.
Cause Immediate Replication
If you want replication to occur immediately instead of waiting for the typical replication cycle, follow these steps:
- In Administrative Tools, start Active Directory Sites and Services.
- Expand Sites. There should be at least one site labeled "default-first-site-name" (or others if they have been manually configured).
- Expand default-first-site-name, expand Servers, and then expand Computer.
- Expand NTDS Settings. One or more objects are listed in the right pane. One of those objects is a link to the domain controller you want. To see the "friendly" name, right-click an entry and view the name. One of the objects points to the domain controller you want. Right-click that entry, and then click Replicate Now. The replication is performed immediately.
Note: The time it takes to update the target controller depends on network performance.
Solution 2:
If you want something ticking over in the background, use repadmin: Repadmin
I've used this to do pretty much the same thing. Don't replicate everything; you only need to replicate the dnsDomain partition (I think the DN is dc=domaindnszones,dc=yourdomain,dc=co,dc=uk).
If I was at work right now, I could dig out a working example.
--- EDIT 22/08/2012 ---
Example of repadmin:
%SystemRoot%\System32\repadmin.exe /replicate <target_dc> <source_dc> DC=DomainDnsZones,DC=domain,DC=co,DC=uk
Solution 3:
The OP has probably moved on to other things by now but there is one piece missing from the other answers.
I found the solution on a blog (alexwinner.com, 2012-08-30, Polling interval of an Active Directory Integrated zone by the DNS Service (edit: link removed: see edit history)).
- First you force intersite replication.
  Command: repadmin /syncall <REPLACEME-DC-NAME> dc=DomainDnsZones,dc=<REPLACEME-contoso>,dc=<REPLACEME-com> /d /e
  (Replace strings in <angle brackets> with the valid names for your environment.)
- Then you should force the DNS zone to poll the AD database.
  Command: dnscmd /zoneupdatefromds <zone name>
  (Replace strings in <angle brackets> with the valid names for your environment.)
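A scripted version of the two steps in Solution 3, run over a list of zones and DNS servers with a retry loop, as an added example that is not part of the original answer. The server names, partition DN and zones.txt file are placeholders, and the script assumes repadmin and dnscmd return a non-zero exit code on failure.

```powershell
# Added example. Server names, partition DN and zones.txt are placeholders.
param(
    [string[]]$DnsServers   = @('dc1.example.test', 'dc2.example.test'),
    [string]  $DnsPartition = 'DC=DomainDnsZones,DC=example,DC=test',
    [string]  $ZoneListPath = '.\zones.txt',   # one zone name per line
    [int]     $MaxAttempts  = 5,
    [int]     $RetrySeconds = 30
)

$zones = @(Get-Content $ZoneListPath | ForEach-Object { $_.Trim() } | Where-Object { $_ })

# Step 1: synchronise the DomainDnsZones partition on each DNS server with its
# replication partners. /e includes other sites, /d reports servers by DN.
foreach ($server in $DnsServers) {
    & repadmin /syncall $server $DnsPartition /d /e
    if ($LASTEXITCODE -ne 0) {
        Write-Warning "repadmin /syncall on $server exited with $LASTEXITCODE"
    }
}

# Step 2: ask the DNS service on each server to re-read each zone from AD.
# Build the full list of server/zone pairs; pairs that fail are retried.
$pending = @()
foreach ($server in $DnsServers) {
    foreach ($zone in $zones) {
        $pending += New-Object PSObject -Property @{ Server = $server; Zone = $zone }
    }
}

for ($attempt = 1; $attempt -le $MaxAttempts -and $pending.Count -gt 0; $attempt++) {
    $failed = @()
    foreach ($item in $pending) {
        # Assumption: dnscmd exits non-zero when the update request fails.
        & dnscmd $item.Server /zoneupdatefromds $item.Zone | Out-Null
        if ($LASTEXITCODE -ne 0) { $failed += $item }
    }
    $pending = $failed
    if ($pending.Count -gt 0 -and $attempt -lt $MaxAttempts) {
        Write-Host "Attempt ${attempt}: $($pending.Count) zone/server pairs not updated; retrying in $RetrySeconds s"
        Start-Sleep -Seconds $RetrySeconds
    }
}

# Anything still pending needs manual attention.
$pending | ForEach-Object { Write-Warning "Not updated: $($_.Zone) on $($_.Server)" }
if ($pending.Count -gt 0) { exit 1 }
```

The script avoids cmdlets newer than PowerShell 2.0 so that it can run on Server 2008 R2.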
Solution 4:
You don't specify what Windows version your DNS server(s) are running or what Windows version your Domain Controller(s) are running, but intrasite replication generally occurs within 15 seconds (to the nearest replication partner in the same site) while intersite replication occurs every 180 minutes and can be changed in ADS&S as HopelessN00b stated in his answer.