Who's using my internal DNS Server?

    Question

  • Setup :
    Windows Server 2003 R2 - AD,DNS,FILE,
    Windows Server 2008 R2 - AD,DNS,DFS,DHCP,

    I'm in the process of migrating from Windows Server 2003 to 2008 R2. I have installed all the bits and bobs, moved all the roles, and now all that's required is for me to demote the old box and remove it from the network.

    My question is this: is there any way for me to tell who may still be using the Server 2003 machine for DNS lookups? I've been round and changed as many static machines that I can think of, but I know I'm going to have missed some.

    Thanks

    Matt

    Friday, March 30, 2012 3:48 PM

Answers

  • Assuming, as Isaac mentioned, that you've moved DHCP to the new server, and you've changed DHCP Option 006 (DNS addresses) to the new server, and the lease has already lapsed since you've made the change (e.g. 7 days, and you changed it 2 weeks ago), and you've changed all statically configured servers, printers, etc., then you should be good to go.

    Otherwise, if you want to be really, really diligent, run some packet captures using Microsoft's Netmon or Wireshark (free) and filter for DNS traffic, to see if any of the traffic is querying the old guy.

    Another option I may suggest is to simply uninstall DNS off the old guy, of course making sure its NIC DNS entry is only pointing to the new guy, and let the old guy run a week or so and see what happens. Make sure to delete the old guy's name and IP out of the zone's Nameserver tab.

    Note to the wise - During coexistence, if you need to manage the zone in DNS, only manage it using the old server's DNS console. This is because 2008 R2 has new features, and if selecting options in the new 2008 R2 DNS console that don't exist in 2003, you may inadvertently cause major problems with the zone.



    Ace Fekay
    MVP, MCT, MCITP Enterprise Administrator, MCTS Windows 2008 & Exchange 2007 & Exchange 2010, Exchange 2010 Enterprise Administrator, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services
    Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php

    This posting is provided AS-IS with no warranties or guarantees and confers no rights.



    Sunday, April 01, 2012 3:00 AM

All replies

  • Hi Matt,

    It is hard to tell. If you use DHCP to push DNS IP information then you should be fine. But if some machines or application DNS entry is static, then it is hard to tell. But a suggestion might be to just turn off/shutdown the 2003 box for a day or two and see if everything is working as it should and no screaming. Then bring the box back online and demote.

    Hope this helps,


    Isaac Oben MCITP:EA, MCSE, MCC

    Friday, March 30, 2012 6:47 PM
  • I would also suggest the same as Ace with regard to packet capturing.  In my experience, running a packet capture on the box even for a day or so, will provide you with the information you are looking for without impacting any production systems.  You can apply a filter to the capture so that you only see the DNS traffic.

    Guides and tutorials, visit ITGeared.com.


    • Proposed as answer by Tiger Li Monday, April 02, 2012 7:33 AM
    Sunday, April 01, 2012 4:15 PM
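
The packet-capture approach suggested in the replies above, as an added example that is not part of the original posts: a standard-library Python function that reads a capture taken on the old server and counts DNS queries per client IP. It assumes the capture was saved or converted to classic libpcap format on an Ethernet interface and covers IPv4 over UDP only (DNS over TCP is not counted); the function names and the 192.0.2.x addresses in the sample are constructed for illustration.

```python
import socket
import struct
from collections import Counter

def dns_clients(pcap: bytes, server_ip: str) -> Counter:
    """Count DNS queries per client IP sent to server_ip (Ethernet, IPv4, UDP/53)."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if end is None:
        raise ValueError("not a classic libpcap file; convert pcapng first")
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) captures are handled")
    server, counts, off = socket.inet_aton(server_ip), Counter(), 24
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(end + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                      # not IPv4 (VLAN-tagged frames are skipped too)
        if frame[23] != 17 or frame[30:34] != server:
            continue                      # not UDP, or not addressed to the old server
        udp = frame[14 + (frame[14] & 0x0F) * 4:]
        if len(udp) < 12 or struct.unpack("!H", udp[2:4])[0] != 53 or udp[10] & 0x80:
            continue                      # not port 53, or QR bit set (a response)
        counts[socket.inet_ntoa(frame[26:30])] += 1
    return counts

def _frame(src: str, dst: str, dport: int, response: bool) -> bytes:
    """Build one constructed Ethernet/IPv4/UDP frame carrying a bare DNS header."""
    dns = struct.pack("!HHHHHH", 0x1234, 0x8180 if response else 0x0100, 1, 0, 0, 0)
    udp = struct.pack("!HHHH", 40000, dport, 8 + len(dns), 0) + dns
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip + udp

def sample_capture() -> bytes:
    """Constructed capture; 192.0.2.10 plays the old server (documentation range)."""
    frames = [_frame("192.0.2.21", "192.0.2.10", 53, False),
              _frame("192.0.2.21", "192.0.2.10", 53, False),
              _frame("192.0.2.35", "192.0.2.10", 53, False),
              _frame("192.0.2.10", "192.0.2.21", 40000, True),   # server's reply
              _frame("192.0.2.40", "192.0.2.11", 53, False)]     # query to new server
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    print(dns_clients(sample_capture(), "192.0.2.10").most_common())
```

Any address left in the result after the DHCP lease period has passed is a host that still has the old server configured statically.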