Case study
Resolving DNS Issues in a Complex Server Migration
Virtualising a 250-user server environment and untangling years of DNS and Active Directory misconfiguration.
Project Objective
We were brought in to help an established e-commerce business migrate from a single physical Windows server environment supporting over 250 users to a robust, secure, and scalable virtual infrastructure. Users were experiencing frequent disruptions, including issues accessing network resources, erratic Group Policy behaviour, and intermittent system bugs. As the business expanded, these problems posed increasing risks to productivity and continuity.
Our solution was to virtualise the existing infrastructure, implement a second hypervisor hosting a secondary Domain Controller (DC), and consolidate DNS and DHCP roles onto Windows Servers. We also planned to separate roles such as application hosting and databases onto dedicated virtual servers and migrate file shares to network-attached storage (NAS). The objective was to systematically resolve DNS-related issues to ensure a stable, reliable IT environment.
Challenges
A major obstacle was the lack of accurate network documentation. Key knowledge existed mostly within the IT team’s collective memory, complicating troubleshooting and planning.
The existing Windows Server and Active Directory setup had been misconfigured from inception, particularly impacting DNS. Critical updates and server reboots were often avoided, as no backup Domain Controller existed, making any downtime costly and disruptive.
Issues Identified
- The internal domain name matched the company’s external website, causing repeated issues accessing the e-commerce platform internally.
- Instead of proper reconfiguration, the domain was hastily renamed using an unreliable script, leading to non-standard DNS entries and further confusion.
- A child domain had been incorrectly implemented within this unstable setup.
- DNS misconfigurations led to erratic Group Policy application, login issues, and unreliable access to shared network resources, and prevented proper use of split DNS.
- Promotion and replication of a secondary Domain Controller were unsuccessful due to underlying DNS errors.
- NAS devices, critical for storage, were operating outside the domain due to DNS-related joining issues, forcing users’ computers to cache local credentials instead of authenticating properly.
- Local devices frequently experienced time-sync issues, disrupting secure communications with the domain controller.
Our Approach
To minimise downtime for the client, we adopted a cautious, incremental approach, taking regular backups and snapshots to thoroughly test every change offline before implementing it live. We carefully documented all issues encountered, eventually tracing most problems back to the original faulty domain rename.
Skills and Technologies Deployed
- Windows Server 2019: Active Directory, DNS, DHCP, Group Policy
- Microsoft Hyper-V: Virtualisation, Virtual Switches, VLANs, NIC bonding
- Veeam Backup & Replication: Robust virtual machine backup
- Synology Rack-mounted NAS: Scalable, secure data storage
- HP Rack-mounted Servers: Reliable infrastructure with advanced network management features
Outcome
We resolved the DNS misconfigurations by methodically auditing and correcting DNS entries. Using appropriate tools such as Microsoft’s rendom, we completed the domain rename correctly, established proper DNS delegation, and rectified the child domain setup. These actions immediately improved reliability, resolving the Group Policy, file sharing, and time-sync issues.
Following the DNS corrections, we smoothly virtualised the client’s environment, deployed a functioning secondary Domain Controller, and integrated the NAS devices into the domain. Users now enjoy reliable, centralised access to shared resources.
The new setup allows regular server updates and reboots, significantly enhancing overall IT security and business continuity. VM-level backups ensure rapid recovery capability, protecting the business against hardware failures and data loss.
Conclusion
Although technically challenging, the structured approach and our extensive experience allowed us to transform a complex, error-prone infrastructure into a stable, secure, and compliant IT environment. Clear documentation and rigorous testing were instrumental in delivering a successful outcome, providing our client with the reliable foundation needed to support continued business growth.
Related guidance
For more on designing secure, resilient networks and Active Directory environments, see the NCSC’s network security fundamentals.