Re: One AD zone poses problem for regional adminstrator
From: Mark Renoden [MSFT] (markreno_at_online.microsoft.com)
Date: 06/10/04
- Next message: DJ: "Re: One AD zone poses problem for regional adminstrator"
- Previous message: anonymous_at_discussions.microsoft.com: "Re: One AD zone poses problem for regional adminstrator"
- In reply to: anonymous_at_discussions.microsoft.com: "Re: One AD zone poses problem for regional adminstrator"
- Next in thread: DJ: "Re: One AD zone poses problem for regional adminstrator"
- Reply: DJ: "Re: One AD zone poses problem for regional adminstrator"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 11 Jun 2004 09:35:01 +1000
Hi DJ
I don't know how you're going to achieve this if all of the machines are in
the same domain/name space. An example of what can go wrong:
++++++
Let's assume the domain is called "mydomain.local".
All sites except this "special site" use DNS servers that have a copy of the
"mydomain.local" zone and this zone covers all computers in all sites except
the "special site".
The "special site" has it's own zone called "mydomain.local" that only
contains machines that are in the "special site".
How does a machine in the "special site" ever find a machine in any other
site?
++++++
If you're using a single domain, you need one consistent zone across all DNS
servers. If you use child domains with delegation and forwarders, you can
more easily meet the goals that your administrator has.
Kind regards
-- Mark Renoden [MSFT] Windows Platform Support Team Email: markreno@online.microsoft.com Please note you'll need to strip ".online" from my email address to email me; I'll post a response back to the group. This posting is provided "AS IS" with no warranties, and confers no rights. <anonymous@discussions.microsoft.com> wrote in message news:1af9501c44f3f$79eaee30$a101280a@phx.gbl... > Thanks Mark, > > Essentially the admin does not want to have to browse > through several hundred computers when administering DNS. > He wants to view the DNS information for his region only. > > I did not know if we could install a child domain as all > of the sites are included in one domain. > > > >>-----Original Message----- >>Hi DJ >> >>You might need to explain "segregate the his computner > from the zone for >>administrative purposes". >> >>Here's a how to on zone delegation for child domains: >> >>255248 HOW TO: Create a Child Domain in Active Directory > and Delegate the >>DNS >>http://support.microsoft.com/?id=255248 >> >>Kind regards >>-- >>Mark Renoden [MSFT] >>Windows Platform Support Team >>Email: markreno@online.microsoft.com >> >>Please note you'll need to strip ".online" from my email > address to email >>me; I'll post a response back to the group. >> >>This posting is provided "AS IS" with no warranties, and > confers no rights. >> >>"DJ" <anonymous@discussions.microsoft.com> wrote in > message >>news:1af6801c44f3a$b8671f80$a101280a@phx.gbl... >>>I will soon be deploying Windows 2003/AD for our network >>> which consists of several offices around N. America. My >>> plan calls for a single forest/single tree with one DNS >>> zone however one of the administrators in a regional >>> office wants to segregate the his computers from the > zone >>> for administrative purposes. Does anyone know of a way > to >>> do this? I have looked at and tested Delegated zones > but >>> I cannot get it to work. >>> >>> Any help would be appreciated!!! >> >> >>. >>
- Next message: DJ: "Re: One AD zone poses problem for regional adminstrator"
- Previous message: anonymous_at_discussions.microsoft.com: "Re: One AD zone poses problem for regional adminstrator"
- In reply to: anonymous_at_discussions.microsoft.com: "Re: One AD zone poses problem for regional adminstrator"
- Next in thread: DJ: "Re: One AD zone poses problem for regional adminstrator"
- Reply: DJ: "Re: One AD zone poses problem for regional adminstrator"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
