Update existing servers

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Updating the configuration of your DNS servers can be necessary for various reasons, such as to:

  • Change the computer (host) name of the server computer.

  • Change the primary or parent DNS domain name of the server computer.

  • Change the IP address for the server computer.

  • Remove a DNS server from the network.

  • Change the primary server for a zone (standard primary zones only).

Each of these is covered in the following sections.

Changing the computer (host) name of the server

If you need to change the host name of a DNS server (but not its parent or primary DNS domain name), make the following changes in the zone where the server is configured as an authoritative server for the zone:

  1. Change the computer name for the server in System properties.

  2. Restart the computer to initiate the following DNS dynamic updates:

    1. Add the new host (A) and pointer (PTR) resource records (RRs) for the new name and IP address of the server.

    2. Remove the old A and PTR RRs for the old name and IP address of the server.

  3. Update the name server (NS) RR in zones where the server is configured as authoritative to point to the new A RR added in step 2.

  4. If the server is the primary server for a standard zone, revise the name in the owner field of the start of authority (SOA) RR for the zone. (If the zone is directory-integrated, this step is not needed.)

  5. Check the zones to ensure that any delegation records (NS or A RRs) that are used are updated for the new name of the server.

Changing the primary DNS domain name of the server

Whether you can change the primary DNS domain name of the server can depend on whether you are using the computer as a domain controller.

Important

  • By default, the primary DNS suffix portion of a computer's fully qualified domain name (FQDN) must be the same as the name of the Active Directory domain where the computer is located. To allow different primary DNS suffixes, a domain administrator may create a restricted list of allowed suffixes by creating the msDS-AllowedDNSSuffixes attribute in the domain object container. This attribute is created and managed by the domain administrator using Active Directory Service Interfaces or Lightweight Directory Access Protocol (LDAP).

    For more information, see Programming interfaces and Directory access protocol.

If you are running the server computer as a domain controller, the primary DNS domain name of the server computer is set to be the same as the name of the Active Directory domain where the server was promoted to be a domain controller. To change this name, you must first demote the server so that it is no longer a domain controller. For a server changing its parent DNS domain name in this situation, the process of adding and deleting A and PTR RRs for the server is done automatically when joining and leaving an Active Directory domain. In this case, only manual updating of the name server (NS) RRs for the old and new DNS parent domains might be needed.

To change the DNS domain name for a DNS server computer not using Active Directory, such as a domain member server or a stand-alone server, some additional changes and manual administration might be necessary. For example, if the old and new DNS domain names are in two different zones, such as Zone A (the old zone) and Zone B (the new zone), you would need to make the following changes:

  1. Change the Primary DNS suffix for this computer in System properties and restart the computer.

  2. In Zone A, remove the host (A) RR for the server.

  3. In Zone B, add the A RR for the server.

  4. Update all start of authority (SOA) and name server (NS) RRs in zones containing the name of the renamed DNS server.

Changing the IP address of the server

To change the IP address for an existing DNS server, the process is the same as for any DNS host computer. Update the IP address in the server address (A) resource record. If the name of the server does not change, NS and SOA records are not affected.

A common configuration error when changing an IP address in the A resource record in a zone is that the same information used elsewhere in DNS is not updated. For example, if a DNS server that has a name or address change is used in a parent zone as part of a set of delegation records, the zone records might be updated but the delegation records left unchanged. For this reason, also check the parent zone when changing or updating IP addresses for A resource records for DNS servers in a zone. Otherwise, zone delegation can fail.

Also, if you are using a multihomed server, be aware of the events and conditions under which a server running Windows Server 2003 can initiate a dynamic update when connection-specific DNS domain naming is used. For more information, see Configuring multiple names.

Removing a DNS server from the network

To remove a DNS server from the network, make the following changes in zones where the server is configured as an authoritative server for the zone:

  1. Remove the address (A) resource record for the server.

  2. Update the name server (NS) records in zones where the server is configured as authoritative to no longer include the server by name (as it appeared in the A record deleted in Step 1).

  3. If the server is the primary server for a standard zone, revise the owner field of the SOA resource record for the zone to point to the new primary DNS server for the zone. (If the zone is directory-integrated, this step is not needed.)

  4. Check the parent zone to ensure that any records (NS or A resource records) used for delegation to the zone are revised and no longer point to the removed server.

Changing the primary server for a zone (standard primary zones only)

For standard primary zones, it can sometimes be necessary to change the designated primary server for a zone. For example, suppose that the current primary server for a standard primary zone is Server A, and the new primary server for the zone is Server B.

To effect the changeover in status from Server A to Server B, make the following zone changes:

  1. Add a new host (A) resource record (RR) for Server B.

  2. Update the name server (NS) RR in the zone to remove Server A and include Server B as a configured server of authority that points to the new A RR added in Step 1.

  3. Revise the name in the owner field of the start of authority (SOA) RR for the zone from Server A to Server B.

  4. Remove the old A RR for Server A.

  5. Check the parent zone to ensure that any delegation records (NS or A RRs) used are updated to refer to Server B.
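
The final check in each procedure above (NS, SOA, A and PTR records in the zone, and delegation records in the parent zone, that still refer to the old server) can be scripted. The following is an added example, not part of the original documentation: it scans zone data in master-file text form for records that still use an old server name or old IP address. The zone contents, server names and addresses are constructed, and it assumes one record per line with fully qualified owner names.

```python
import re

# One record per line: owner [ttl] [IN] type rdata (only the types the procedures mention).
RR = re.compile(r"^(\S+)\s+(?:\d+\s+)?(?:IN\s+)?(A|NS|SOA|PTR)\s+(.+)$", re.I)

# Constructed sample data: parent zone still delegating to dns-a after its removal.
PARENT_ZONE = """\
example.test. 3600 IN SOA ns0.example.test. hostmaster.example.test. 12 900 600 86400 3600
example.test. 3600 IN NS ns0.example.test.
corp.example.test. 3600 IN NS dns-a.corp.example.test. ; delegation
corp.example.test. 3600 IN NS dns-b.corp.example.test.
dns-a.corp.example.test. 3600 IN A 192.0.2.10 ; glue
dns-b.corp.example.test. 3600 IN A 192.0.2.20
"""
# Constructed sample data: child zone where only the SOA was missed.
CHILD_ZONE = """\
corp.example.test. 3600 IN SOA dns-a.corp.example.test. hostmaster.corp.example.test. 41 900 600 86400 3600
corp.example.test. 3600 IN NS dns-b.corp.example.test.
dns-b.corp.example.test. 3600 IN A 192.0.2.20
"""

def norm(name):
    """Compare DNS names case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()

def stale_references(zone_text, old_name=None, old_ip=None):
    """Return (line number, record type, owner) for records still using the old name or IP."""
    old = norm(old_name) if old_name else None
    findings = []
    for lineno, line in enumerate(zone_text.splitlines(), 1):
        m = RR.match(line.split(";", 1)[0].strip())  # drop comments
        if not m:
            continue
        owner, rtype, rdata = m.group(1), m.group(2).upper(), m.group(3).split()
        target = norm(rdata[0])
        if rtype in ("NS", "SOA", "PTR"):
            hit = old is not None and target == old  # first rdata field names a server
        else:  # A record: stale if owned by the old name or carrying the old address
            hit = (old is not None and norm(owner) == old) or rdata[0] == old_ip
        if hit:
            findings.append((lineno, rtype, owner))
    return findings

if __name__ == "__main__":
    for label, zone in (("parent", PARENT_ZONE), ("child", CHILD_ZONE)):
        for finding in stale_references(zone, "dns-a.corp.example.test", "192.0.2.10"):
            print(label, finding)
```

For an IP address change where the server name stays the same, pass only `old_ip` so that the server's own updated A record is not reported.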