New Domain Controller with DNS in Windows has forwarders setup

windows domain-name-system active-directory windows-server-2012-r2
5,197

This does appear to be expected behavior, and it occurs when you create your domain controller.

DNS forwarders are auto-populated when the domain controller is promoted, according to a set of rules that's ill-documented by Microsoft, but that the fellow at the linked page seems to have enumerated nicely. I checked, and the auto-population behavior in Server 2012 R2 seems to be unchanged from Server 2008 R2. The only official word from Microsoft that I've been able to find on the subject is this Technet blog post.

It does makes sense, at least as far as copying external DNS forwarders - you presumably would want the same ones for all your domain controllers, or at the very least, would want all your domain controllers to have some external forwarder, so that your clients can perform DNS lookups for external domains.

Share:
5,197

Related videos on Youtube

Brett G
Author by

Brett G

Updated on September 18, 2022

Comments

  • Brett G
    Brett G over 1 year

    I just installed a new Windows 2012 R2 domain controller. I was looking in the DNS Server, and there were two DNS Forwarders setup, which were other domain controllers. "Forwarders are DNS servers that this server can use to resolve DNS queries for records that this server cannot resolve"

    I'm curious though, how was it already populated with other server names? Is this default set somewhere in Active Directory?

    edit: Screenshots of where I'm referring to Screenshot Screenshot2

    • Brett G
      Brett G about 9 years
      These are DCs in our domain, yes. Honestly, I'm not exactly sure why this was setup this way.... we don't need any forwarders. However, more of my question is why a virgin server brought in this setting after I promoted it.
    • HopelessN00b
      HopelessN00b about 9 years
      I applaud the effort in posting a screenshot, but you did kind of redact everything that would be useful in it.
    • kralyk
      kralyk about 9 years
      There are AD integrated conditional forwarders, but I've not seen AD integrated normal forwarders. These are set per DNS server and not replicated that I'm aware of. So I'm not sure how you are seeing this, or even why the DCs would even be in there since it doesn't make much sense to forward a DNS request to another DC that will give the same answer as the existing DNS server.
    • joeqwerty
      joeqwerty about 9 years
      I'm with thecleaner. Conditional Forwarders can be replicated with AD but I've never seen this with Forwarders. It could be that I've never looked so have never notice it, but it seems odd.
    • joeqwerty
      joeqwerty about 9 years
      As for forwarding to other DC's: I've seen that in secured environments where only specific DC/DNS servers are used to forward external queries, so that seems OK to me.
  • kralyk
    kralyk about 9 years
    Good insight, strange that I've never noticed it myself, but I also just use 8.8.8.8 and the root hints for all so I probably saw it and figured I'd already set it. :)
  • HopelessN00b
    HopelessN00b about 9 years
    @TheCleaner It's something I had to think about.. and when I did, I realized it's always "just worked", and because it always "just worker" with no input from me, something I'd never thought about before. :)

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to have your DNS servers forward queries for internet names
Broken DNS delegation
Group Policy for DNS Server Addresses
Cannot Join Client Computer to Server Domain (Windows Server 2012 r2)?
Windows Server 2008 Domain alias for users to log on to?
Windows Cannot View Domain Location
Server 2012- Installed DNS Role but DNS Manager not showing up in Tools
Windows AD DNS: Event ID 5504
Windows Server 2012 R2 Standard located in our DMZ has problems with connection to RoDC
Possible DNS Server memory leak