Re: DNS in different domains, different tree

From: Herb Martin (news_at_LearnQuick.com)
Date: 10/21/04


Date: Thu, 21 Oct 2004 11:52:05 -0500


"Tony" <tkusina@hydra-flex.com> wrote in message
news:04f801c4b77d$f9677b00$a601280a@phx.gbl...
> I have just installed a new domain to a new tree in
> active directory. The new domain is PH.net and the
> existing one is HF.net.

So each DNS server set must have a way to resolve the
OTHER domain DNS server set.

> These are in different sites.

Not directly relevant.

> Both are running DNS and are authoritative for their
> domain.
> Both are AD integrated zones.

All DNS servers for a zone are authoritative for that zone
(secondary, Primary, AD-integrated are all authoritative.)

> Replication is
> currently not working and I want to have so that clients
> can resolve all names between both domains regardless
> where they are at.

Yes, you need to arrange for cross resolution through one
of several methods; I will describe below the one you
intended to enable...

> What do I need to be able to do this? I thought by using
> an AD integrated zone it would automatically replicate to
> all DNS servers?

Not across domains but this can be enabled in Win2003
(All DNS servers in Forest) but FIRST you must get AD
replication to work.

Since AD replication is based on DNS, you cannot depend
on it UNTIL you first get DNS to replicate (completely)
and then get AD to replicate fully in the Forest.

After that, the settings to replicate to all DNS servers in
the FOREST will work.

Do this:

1) Add the "other domain" as a secondary on each current
DC-DNS server and specify the "other DNS" server as
the Master.

2) Do this for the "other Domain" back to the first domain/zone.
(Cross secondaries on each separate set of DNS servers so that
each holds BOTH zones.)

3) Ensure that the secondary from each zone does a zone transfer
and gets the records.

4) Make sure AD replicates fully (wait for, or force, replication)
[and you can check with DCDiag or one of the ReplAdm tools.]

5) Now (both DNS are working and AD is replicating) you can
change each of the secondaries to AD-integrated and ensure that
the settings for each zone are set to replicate to all such DNS-DCs
throughout the FOREST.

-- 
Herb Martin
> Thanks
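
The five steps above as commands for the HF.net side, as an added example that is not part of the original post. The server names and IP addresses are constructed placeholders, and the zone-transfer restriction at the top is an added assumption: the master has to permit the transfer, and listing only the named secondary keeps the zone from being handed to any host that asks.

```bat
@echo off
rem Added example, not from the original post. Run on the HF.net side,
rem then repeat with the names swapped on the PH.net side (step 2).
rem Placeholders (constructed): server names and documentation-range IPs.
set HF_DNS=hf-dc1
set HF_IP=192.0.2.10
set PH_DNS=ph-dc1
set PH_IP=192.0.2.20

rem Assumption: on the PH.net master, allow transfers of PH.net only to
rem the one HF.net DNS server that will hold the secondary.
dnscmd %PH_DNS% /ZoneResetSecondaries PH.net /SecureList %HF_IP%

rem Step 1: add PH.net as a secondary on the HF.net DC-DNS server,
rem with the PH.net DNS server as the master.
dnscmd %HF_DNS% /ZoneAdd PH.net /Secondary %PH_IP%

rem Step 3: force a transfer and confirm the records arrived.
dnscmd %HF_DNS% /ZoneRefresh PH.net
dnscmd %HF_DNS% /ZoneInfo PH.net
nslookup -type=SOA PH.net %HF_IP%

rem Step 4: force AD replication and check it for errors.
repadmin /syncall
repadmin /showrepl
dcdiag /test:replications

rem Step 5: only after DNS resolves both ways and step 4 is clean,
rem convert the secondary to AD-integrated and set each zone to
rem replicate to all DNS servers in the forest.
dnscmd %HF_DNS% /ZoneResetType PH.net /DsPrimary
dnscmd %HF_DNS% /ZoneChangeDirectoryPartition PH.net /forest
dnscmd %HF_DNS% /ZoneChangeDirectoryPartition HF.net /forest
```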

