Hi,
I am looking at an AD environment that is as follows:
Domain Level: 2003
Forest Level: 2003
2 AD sites:
Site 1:
DC1.mydomain.local (Server 2003 DC/DNS) IP 192.168.5.1
DC2.mydomain.local (Server 2003 DC/DNS) IP 192.168.5.2
DC3.mydomain.local (Server 2012R2 DC/DNS) IP 192.168.5.3
DC4.mydomain.local (Server 2012R2 DC/DNS) IP 192.168.5.4
Site 2:
SDC1.mydomain.local (Server 2012R2 DC/DNS) IP 192.168.6.1
In DNS, I have the following forward zones:
_msdcs.mydomain.local (with the relevant SOA, NS, CNAME records and DC, Domains, GC and PDC records) - AD integrated, replication to all DNS servers in this forest.
mydomain.com (manually created external Forward Lookup zone - AD integrated). Replication to all DCs in this domain.
mydomain.local - AD integrated, with replication to all domain controllers in this domain. Contains all the NS, CNAME and A records for the domain. Folders are _msdcs (greyed out), _sites, _tcp, _udp, DomainDNS Zones, ForestDNS Zones, and the TAPI3Directory. The TAPI3Directory contains a host record pointing to DC1 (192.168.5.1) and 2 folders: Sites (containing one folder for site1 and one for site2. The site1 subfolder has a tcp folder with an SRV record pointing to dc1 (192.168.5.1) and the site2 subfolder has a tcp folder pointing to sdc1 (192.168.6.1)). The other folder in the TAPI3Directory is _tcp, which has an SRV record pointing to dc1 (192.168.5.1).
I am planning on demoting the 2 2003 DCs in Site one and replacing them with 2 2012R2 DCs using the same IPs.
My questions are as follows:
1) _msdcs folder (greyed out) in mydomain.local: On all DCs, this only has the NS record for DC1 (192.168.5.1). I've searched and there seem to be two kinds of behavior for this folder. Some people are saying that it doesn't update dynamically and that you need to add the other DCs/DNS servers in there manually. I've also found a post stating that this record should have the NS of the DC you are looking at the record on. So, if I look at the folder on DC2, it should have DC2 as the NS. However, this is not the case. Every DC I examine the record on seems to have only DC1 in the _msdcs folder. Do I need to add the other DCs/DNS servers in here prior to demoting DC1 and DC2 and then remove DC1 and DC2 after they have been demoted? Similarly, do I have to manually add any new DC/DNS server created to this folder?
2) The TAPI3Directory: One post I found indicates this has to do with telephony. The sites do use VOIP but this is through a third party phone server (a Linux box on site) and they are unsure if it is needed or not. Additionally, the _tcp folder in the root of this directory only has DC1 in there and the site1 subfolder in Sites has only DC1 and not the other DCs. Do I need to add the other DCs to the _tcp folder in the root and to the site1 folder in the Sites subfolder? Will adding the other DCs be enough for replication across to the 2012R2 DCs, and thus allow me to demote the 2003R2 DCs safely (I believe that if the TAPI3Directory is not removed or migrated, I will not be able to demote the 2003 DC)? The TAPI3Directory is part of mydomain.local, which is AD integrated with replication to all domain controllers in the domain.
Thanks very much,
HA