Re: AD integrated Zone - zone transfer question
- From: "djc" <noone@xxxxxxxxxxx>
- Date: Wed, 12 Apr 2006 13:25:41 -0400
ok. Thanks Herb. I appreciate it.
"Herb Martin" <news@xxxxxxxxxxxxxx> wrote in message
news:OJA8twkXGHA.4684@xxxxxxxxxxxxxxxxxxxxxxx
Scope possibilities include:
1) All DCs of domain (only possibility for Win2000)
2) All DNS-DCs of domain (new in Win2003)
3) All DNS-DCs of forest (new in Win2003)
4) All DNS-DCs of holding a specific applicatin named
partition (new in Win2003)
I noticed you specified 'DNS-DCs' for Win2003 scenarios and just 'DCs'
for Win2000 scenario. Does this mean the following:
1) In Win2000, AD integrated dns zones are replicated to all DCs in the
domain whether they have the dns service installed or not (true/false)?
True. That is surprising to many people.
The records get replicate but are generally useless without the
service.
No issue with reasonable size domains but if someone had 10,000
registered computers it might be not only worthless but actively
detrimental.
2) In Win2003, AD integrated zones are replicated only to DCs within
their specifed scope (your 2, 3, or 4 scope possibilities above) *with*
the dns service installed, not to DCs *without* the dns service installed
(true/false)?
Yes. Unless you pick the Win2000 compatible option.
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
"djc" <noone@xxxxxxxxxxx> wrote in message
news:%23q6J8kjXGHA.3724@xxxxxxxxxxxxxxxxxxxxxxx
thank you Herb. That was very helfpul. One last question, see inline:
"Herb Martin" <news@xxxxxxxxxxxxxx> wrote in message
news:evC9TFjXGHA.1352@xxxxxxxxxxxxxxxxxxxxxxx
"djc" <noone@xxxxxxxxxxx> wrote in message
news:ONr4a3iXGHA.1196@xxxxxxxxxxxxxxxxxxxxxxx
I came across a scenario in a sample test question that raised a few
questions to me. Lets say you have 2 sites each with a DNS server. The
server at site 1 hosts a primary zone and the server at site 2 hosts a
secondary zone. Automatic notifications are enabled. Now, the zone is
subsequently changed to an AD integrated zone and all the dns servers
are updated to store the zone in AD.
1) according to the info in the question's explanation since Automatic
Notifications were not disabled then the servers will continue to send
them and subsequently when one of the servers receives a notification
it WILL perform a 'zone transfer'.
AD Integrated servers do NOT request regular zone
transfers (AFAIK and if they did that it would seem
a bug.)
Remove the notification on the source server (old Primary etc)
though, since that is done by IP and not through AD replication.
This confused me since my understanding of an AD integrated zone is
that the zone data is stored in AD and replicated with the rest of
active directory and this means there is no more 'zone transfer'
possible from one server directly to just one other (AD integrated to
AD integrated)? In other words there is only whole AD replication so
all dns servers hosting the zone get the changes. To clarify further,
the scenario indicated a zone transfer would take place between 2 dns
servers hosting the AD integrated zone, not between one dns server
hosting the AD integrated zone and some other dns server hosting a
secondary zone. Could someone enlighten me on this subject? I am
obviously not clear on it.
AD Integrated servers can still PROVIDE zone transfers
to ordinary secondaries. But they do not request them.
AD is used instead for DNS replication.
2) another question comes to mind: can DNS data be replicated
seperately from other active directory data? is yes, does it by default
and is this new to windows server 2003?
Sort of (depending on what you mean). It will replicated
as the SAME time as other data, but you can if you wish
store DNS info in an AD partition or control the replication
"scope" but these features do require Win2003 DNS-DCs
(Win2000 didn't have this.)
Scope possibilities include:
1) All DCs of domain (only possibility for Win2000)
2) All DNS-DCs of domain (new in Win2003)
3) All DNS-DCs of forest (new in Win2003)
4) All DNS-DCs of holding a specific applicatin named
partition (new in Win2003)
I noticed you specified 'DNS-DCs' for Win2003 scenarios and just 'DCs'
for Win2000 scenario. Does this mean the following:
1) In Win2000, AD integrated dns zones are replicated to all DCs in the
domain whether they have the dns service installed or not (true/false)?
2) In Win2003, AD integrated zones are replicated only to DCs within
their specifed scope (your 2, 3, or 4 scope possibilities above) *with*
the dns service installed, not to DCs *without* the dns service installed
(true/false)?
But it still transfer DURING the normal replication (Scheduled
Hours at Frequency intervals across Sites.)
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
any input on this would be GREATLY appreciated. Thanks.
.
- References:
- AD integrated Zone - zone transfer question
- From: djc
- Re: AD integrated Zone - zone transfer question
- From: Herb Martin
- Re: AD integrated Zone - zone transfer question
- From: djc
- Re: AD integrated Zone - zone transfer question
- From: Herb Martin
- AD integrated Zone - zone transfer question
- Prev by Date: Re: DNS problem - 2 IP addresses on one adapter
- Next by Date: Re: Migration Problem
- Previous by thread: Re: AD integrated Zone - zone transfer question
- Next by thread: Re: DNS problem - 2 IP addresses on one adapter
- Index(es):
Relevant Pages
|
