Re: AD/DNS infrastructure (long)

From: Scott Lowe (slowe-nospam_at_nospam-mercurionsystems.com)
Date: 03/25/04

• Next message: Mike Doyle: "Re: ADAM install hangs at Starting ADAM service..."
• Previous message: Jerold Schulman: "Re: default settings?"
• In reply to: Scott Lowe: "AD/DNS infrastructure (long)"
• Messages sorted by: [ date ] [ thread ]

---

Date: Thu, 25 Mar 2004 09:03:17 -0500

On 2004-03-24 09:51:08 -0500, Scott Lowe
<slowe-nospam@nospam-mercurionsystems.com> said:

> My question centers around the DNS infrastructure; specifically, the
> DNS infrastructure for the child domain that will handle locations in
> North, Central, and South America. Even more specifically, I am
> wondering about the dynamic registration of DC-related DNS records.
>
> Is it worthwhile, or even recommended, to limit some of the dynamically
> registered entries for DCs located in branch offices?
>

I know it is typically bad form to respond to one of your own postings
(I apologize), but I wanted to add some information briefly to help
clarify my original posting.

Refer to one or more of the following URLs:

        http://www.jsiinc.com/SUBK/tip5100/rh5162.htm

        http://www.winnetmag.com/Articles/ArticleID/37935/pg/4/4.html

Both of these sites reference the use of the DnsAvoidRegisterRecords
registry key (or the corresponding Group Policy setting for Windows
Server 2003) to control the registration of generic DNS SRV records for
site-level DCs. Specifically, this is done to streamline and optimize
the authentication process so that a client PC in a branch office site
won't find a DC in a different branch office when all local DCs are
unavailable. Instead, it will use a DC in the central office.

Has anyone done this? Is anyone aware of any drawbacks to using this setting?

Scott Lowe
Mercurion Systems, Inc.

---

• Next message: Mike Doyle: "Re: ADAM install hangs at Starting ADAM service..."
• Previous message: Jerold Schulman: "Re: default settings?"
• In reply to: Scott Lowe: "AD/DNS infrastructure (long)"
• Messages sorted by: [ date ] [ thread ]

---

Relevant Pages Re: DNS fine-tuning for AD logon traffic ... Integrated DNS, and have the DHCP for the branch offices point at these DCs ... > from a branch office crossing the WAN to another branch office due to ... > allow only the DCs at the high-speed core sites to register those ... (microsoft.public.win2000.active_directory) Re: I can not figure out why? ... I have two windows 2000 DCs and two Windows 2003 DCs. ... all workstations new DNS to point the new DNS through the DHCP server ... you must be careful when selecting the new servers to be DNS servers. ... If the zone is ... (microsoft.public.windows.server.active_directory) Re: Scavenging question ... I think that "DCpromo cycling" mentioned by Herb means "Demote your DCs and ... If you have another DC, you can transfer FSMO to that DC, clean install the ... Clients recieve all DNS information via DHCP so in that way XP ... (microsoft.public.win2000.dns) Re: Can I Round Robin DCs? ... To make sure that everything is setup correctly rin dcdiag and netdiag on ... Assuming that both DCs are also DNS servers, ... clients have them both in NIC DNS settings. ... DCs in the clients site. ... (microsoft.public.windows.server.dns) Re: Branch Office Networking ... Troubleshooting Windows Event ID ... BRANCH OFFICE CLIENT ... DNS SUFFIC SEARCH LIST...ATW.LOCAL ... > Everything works fine (able to access network, email, dns, etc.). ... (microsoft.public.windows.server.networking)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(18)