How to migrate an existing DNS infrastructure from a BIND-based server to a Windows Server 2003-based DNS (323419)


The information in this article applies to:

  • Microsoft Windows Server 2003, Enterprise Edition
  • Microsoft Windows Server 2003, Standard Edition
  • Microsoft Windows Small Business Server 2003, Standard Edition
  • Microsoft Windows Small Business Server 2003, Premium Edition
This article was previously published under Q323419

SUMMARY

This step-by-step guide describes how to replace an existing Domain Name System (DNS) infrastructure with a new Windows Server 2003 DNS infrastructure. This includes installing the Windows Server 2003-based DNS server and configuring it to perform name resolution and dynamic updates; as a result, resources and servers can be centrally located. Additionally, zone transfers are used to migrate BIND-based server zones to the Windows Server 2003-based DNS server. Make sure that the following conditions exist:
  • The computer is running Windows Server 2003, Standard Edition server or Windows Server 2003, Enterprise Edition server and is a member server or domain controller in a Windows Server 2003 domain.
  • You have direct access to the computer console or access through Terminal Services administration.
  • You log on to the local computer as a member of the administrators group.
back to the top

Install and Configure a Windows Server 2003-Based DNS Server

Before you can migrate DNS services from a DNS server that is running another DNS server implementation (such as the Berkeley Internet Name Domain [BIND] software), you must:
  • Install the Windows Server 2003 DNS service on a computer that is running Windows Server 2003, Standard Edition server or Windows Server 2003, Enterprise Edition server.
  • Configure the Windows Server 2003 DNS service.
This section describes the steps to install and configure the Windows Server 2003 DNS service.

back to the top

Install Windows Server 2003 DNS Service Manually

Before you can configure DNS, you must first install the DNS service on the server. You can install DNS either during the initial installation of Windows Server 2003 or after the initial installation is complete. If you use the Active Directory Installation Wizard, you have the option to install and configure DNS when you configure the domain controller.

To install the DNS service on an existing installation of Windows Server 2003, follow these steps:
  1. Click Start, point to Control Panel, click Add or Remove Programs and then click Add/Remove Windows Components.
  2. In the Windows Component Wizard, click Networking Services (click the name, not the check box) in the Components list, and then click Details.
  3. In the Networking Services dialog box, click to select the Domain Name System (DNS) check box if it is not already selected, and then click OK.
  4. In the Windows Components Wizard, click Next to start Windows Server 2003 Setup. Insert the Windows Server 2003 installation CD-ROM into the CD drive or DVD drive if you are prompted to do so.

    Setup copies the DNS service and tool files to your computer.
  5. When Setup is complete, click Finish.
To install the DNS service during the initial installation of Windows Server 2003, Standard Edition or Windows Server 2003, Enterprise Edition, follow steps 2 and 3 when you are prompted to install and configure Windows components.

For a DNS server to function properly, the DNS server has to have a forward lookup zone that hosts the locator records for the DNS server's local domain. A forward lookup zone contains information to resolve names in the DNS domain. You may want to also configure a reverse lookup zone that allows users to determine the name of a local resource based on its IP address.

back to the top

Configure Windows Server 2003 DNS Service

To configure the Windows Server 2003 DNS service by using the Configure DNS Server Wizard, follow these steps:
  1. Click Start, point to Administrative Tools, and then click DNS to open the DNS MMC snap-in.
  2. In the navigation pane, click the DNS Server object for your server, right-click the server object, and then click Configure a DNS server to start the Configure DNS server Wizard.
  3. Click Next, click one of the following options, and then click Next:
    • Create a forward lookup zone (recommended for small networks)
      This server is authoritative for the DNS names for local resources but forwards all other queries to an ISP or other DNS servers. The Wizard will configure the root hints but not create a reverse lookup zone.
    • Create forward and reverse lookup zones (recommended for large networks)
      This server can be authoritative for forward and reverse lookup zones. It can be configured to perform recursive resolution, forward queries to other DNS servers, or both. The wizard configures the root hints.
    • Configure root hints only (recommended for advanced users only)
      The wizard configures the root hints only. You can configure forward and reverse lookup zones and forwarders later.
  4. If you clicked Create a forward lookup zone or Create forward and reverse lookup zone in step 3, use one of the following procedures to complete the steps.

Create a Forward Lookup Zone

If you create a forward lookup zone, you can either use your server to maintain the zone, or use the Internet service provider's (ISP) DNS to maintain the zone, in which case the local server maintains a copy of the zone downloaded from the ISP. The following procedure creates a forward lookup zone which is maintained by your server:
  1. Click This server maintains the zone, and then click Next.
  2. In the Zone name box, type the name of the zone. Make sure that the name is the same as the fully qualified domain name (FQDN) DNS domain name for which the zone is authoritative. Click Next.
  3. Click one of the following three options:
    1. Click Allow only secure dynamic updates if the zone is integrated into Active Directory.
    2. Click Allow any dynamic updates for all other zones (that is, zones that are not necessarily integrated into Active Directory).
    3. Click Do not allow dynamic updates if all updates to this zone are to be made manually. Click Next.
  4. Click Yes, it should forward queries to DNS servers with the following IP address to forward queries for names external to your network to another DNS server located elsewhere on the Internet. Typically, you use this option if you use your ISP's DNS server for external name resolution queries. Type the forwarding DNS server's IP address.

    If you do not want to resolve names outside your network by forwarding queries to an external server, click No, it should not forward queries. Click Next, and then click Finish.
back to the top

Create Forward and Reverse Lookup Zones

To configure forward and reverse lookup zones, follow these steps:
  1. Click Create forward and reverse lookup zones (recommended for large networks), and then click Next.
  2. Click Yes, create a forward lookup zone now (recommended), and then click Next.
  3. Click Primary zone, click to select the Store the zone in Active Directory (available only if DNS server is a domain controller) check box, and then click Next.
  4. Click the appropriate replication scope option, and then click Next.
  5. In the Zone name box, type the name of the zone. Make sure that the name is the same as the fully qualified domain name (FQDN) DNS domain name for which the zone is authoritative. Click Next.
  6. Click one of the following three options:
    1. Click Allow only secure dynamic updates if the zone is integrated into Active Directory.
    2. Click Allow any dynamic updates for all other zones (that is, zones that may not be integrated into Active Directory).
    3. Click Do not allow dynamic updates if all updates to this zone are to be made manually.
    4. Click Next.
  7. Click Yes, create a reverse lookup zone now, and then click Next.
  8. Click Primary zone, click to select the Store the zone in Active Directory (available only if DNS server is a domain controller) check box, and then click Next.
  9. Click the appropriate zone replication method, and then click Next.
  10. Click Network ID, and then type the Network ID portion of your IP address that is exposed to the internet. For example, if your IP address is 10.10.10.10, and the subnet mask is 255.255.255.0, the network address portion of the IP address is 10.10.10. Click Next.For additional information about reverse lookup zones, click the article number below to view the article in the Microsoft Knowledge Base:

    164213 Description of DNS Reverse Lookups

  11. Click the appropriate zone dynamic update method, and then click Next.
  12. Click Yes, it should forward queries to DNS servers with the following IP address to forward queries for names external to your network to another DNS server located elsewhere on the Internet. Typically you would use this option if you use your ISP's DNS server for external name resolution queries. Type the forwarding DNS server's IP address in the space below.

    If you prefer not to resolve names outside your network by forwarding queries to an external server, click No, it should not forward queries. Click Next, and then click Finish.
back to the top

Use Zone Transfers to Migrate BIND-Based Server Zones to Windows Server 2003-Based DNS Servers

The process to migrate BIND-based server zones to Windows Server 2003 DNS servers requires the following steps:
  • Add secondary zones to Windows Server 2003 DNS for all of the organization's existing zones that are hosted on BIND-based DNS servers.
  • Initiate zone transfers at the Windows Server 2003-based DNS server to transfer the zones from the BIND-based servers.
  • Convert these secondary zones into primary zones (after the transfers are complete).
  • Change client configurations to point to the Windows Server 2003-based DNS servers.
back to the top

Add a Secondary Zone to a Windows Server 2003-Based DNS Server

To add a secondary zone to a Windows Server 2003-based DNS server, follow these steps:
  1. Click Start, point to Administrative Tools, and then click DNS.
  2. In the navigation pane, expand the DNS server, right-click Forward Lookup Zones, and then click New Zone to start the New Zone Wizard. Click Next.
  3. Click Secondary zone, and then click Next. Type the name of the secondary zone in the Zone Name box, and then click Next.
  4. In the IP address box, type the IP address of the DNS server that you want to copy the zone from. Click Add, and then click Next.
  5. Click Finish.
back to the top

Initiate a Zone Transfer for a Secondary Zone

To initiate a zone transfer for a secondary zone, follow these steps:
  1. Click Start, point to Administrative Tools, and then click DNS.
  2. In the navigation pane, expand the DNS server, expand the Forward Lookup Zones folder, and then find the secondary zone for which you want to initiate data transfer.
  3. Right-click the zone, and then click Transfer from Master.
back to the top

Change the Zone Type

To change the zone type:
  1. Click Start, point to Administrative Tools, and then click DNS.
  2. In the navigation pane, expand the DNS server, expand the Forward Lookup Zones folder, and then find the secondary zone that you want to modify.
  3. Right-click the zone, and then click Properties. Click Change to open the Change Zone Type dialog box.
  4. Click the zone type that you want to convert this secondary zone into, and then click OK.
back to the top

Modification Type:MajorLast Reviewed:1/6/2006
Keywords:kbnetwork kbDNS kbenv kbHOWTOmaster kbNetwork KB323419 kbAudITPro
©2004 Microsoft Corporation. All rights reserved.