Re: DNS Redesign Issue



I agree. The question is how to get the domains for the child zones out of
the single existing zone for company.com. You can't simply copy and paste
it, and recreating all the records would take hours. And I don't want the
whole company.com domain replicated to all the child domains.

Thanks
Jason McKee
MCSE/MCSA (Messaging) 2003

"Jorge Silva" wrote:

As I already told you, there are many possible configurations for this to
work; the most common is to delegate the child zones on the tld to each
child domain.

In each child domain you can choose between different types of possible
configurations:

-If you configure Forwarding ("All other Domains" option - pointing to tld)
all queries will go to tld DNS server (including Internet resolution
queries), if the link with tld is down then queries will fail for domains
but the DNS server will attempt to use its root hints to resolve the queries
(unless you select the option don't use recursion for this domain).

-If you configure Conditional Forwarding, you can have better control where
queries will go, and if the link is down for any particular domain, that
doesn't mean that other queries will fail as long as you have a link up with
these domains.

-For secondary and stub zones: the big advantage of stub zones is that
they'll refresh automatically the NS records for that domain, and you don't
need to allow zone transfer for stub zones to work, but all queries will be
sent to NS for these domains. As for Secondary Zones all queries can be
resolved locally, but you need to allow zone transfer on each zone.

-For Active Directory Integrated Zones (these require that the DNS server is
also a DC), you can always choose to replicate them across the domain or
forest. This can have a significant impact on your replication traffic.
--
I hope that the information above helps you


Good Luck
Jorge Silva
MCSA
Systems Administrator

"Jason McKee" <Jason McKee@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:5E05FC44-4C9E-4801-B5E9-7FB6F58E18DC@xxxxxxxxxxxxxxxx
The stub zone idea would work but it is not ideal for my situation. If I
create stub zones for each domain then I have no fault tolerance in the case
that a link between the sites goes down.

Your other idea wasn't clear but I think you are suggesting that I
integrate company.com into the AD and replicate it across the forest. I
have thought of this as well and plan to use it as a worst case scenario.
Ideally what I want to do though is extract the DNS information for
city.company.com from the company.com zone and import it into a new
city.company.com zone.

This is a tough problem and I appreciate all the help!

Thank you,

Jason

"Jorge Silva" wrote:

The dallas.company.com is a child domain, right?
You can in newly created AD integrated zone pointing to the tld or create a
stub zone on the domain and replicate it across that new domain.

--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Jason1320" <Jason1320@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:53042AA6-8A57-41CC-BAA6-FDE8E5C184F1@xxxxxxxxxxxxxxxx
I plan to use stub zones in the top level domains. The issue I am having is
getting the DNS data from dallas.company.com in the tld domain to the newly
created AD integrated zone. I would like to do this without manually
recreating each record.

Thanks,

Jason

"Jorge Silva" wrote:

Hi

Currently we have one root domain in a single AD forest. Under that root we
have 9 child domains, all one layer below the root. All DC's are 2003.

Hoooo my GOD so many domains, did you have any special reason to make 10
domains?

What I would like to do is create AD integrated zones for each domain and
delegate authority from the primary zone, company.com. The problem that I am
running into is how to get the data from the subdomains out of the primary
zone, company.com, and into the newly created AD integrated zone. I only
want the information that is critical to each domain. (i.e. for
dallas.company.com I only want the information below the dallas folder in
company.com.)

Basically you need to create a tld DNS domain, make it AD Integrated, and
delegate the child zone to the other DCs in sub domains. By delegating the
zones the tld domain knows where to find the NS for these domains; the
problem should come in how the child domains resolve the tld domain, and
there are several methods for this, but you're replicating the tld to the
child domains so you need not worry about that.

Check:

Best practices for DNS client settings in Windows 2000 Server and in Windows
Server 2003
http://support.microsoft.com/default.aspx?scid=kb;en-us;825036&sd=RMVP

HOW TO Create a Child Domain in Active Directory and Delegate the DNS
Namespace to the Child Domain
http://support.microsoft.com/default.aspx?scid=kb;en-us;255248&sd=RMVP
--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Jason1320" <Jason1320@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:1697112D-E13F-4066-9500-0DCAC8F2A028@xxxxxxxxxxxxxxxx
I am trying to redesign DNS for a company I just joined but I have come
across an issue that I'm not sure how to get around.

Currently we have one root domain in a single AD forest. Under that root we
have 9 child domains, all one layer below the root. All DC's are 2003.

DNS is set up as follows. The root domain contains one DNS server with a
single primary zone of company.com. Each child domain has a secondary "copy"
of this zone on at least one server in the domain. Within the primary zone
there are folders for each domain's subdomain. (Example: dallas.company.com)
Each domain controller is configured to write back to the primary zone to
make updates.

What I would like to do is create AD integrated zones for each domain and
delegate authority from the primary zone, company.com. The problem that I am
running into is how to get the data from the subdomains out of the primary
zone, company.com, and into the newly created AD integrated zone. I only
want the information that is critical to each domain. (i.e. for
dallas.company.com I only want the information below the dallas folder in
company.com.)

Any suggestions?

Thank you,

Jason
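
The step asked about in this thread, pulling only the dallas.company.com records out of the company.com zone, sketched as an added example (it is not part of any post above). It assumes the parent zone is available as standard master-file text with one record per line and no $ORIGIN changes; the function names, sample records and addresses are constructed.

```python
# Added example, not from the thread: split the records under one child
# label out of a parent zone given as master-file (RFC 1035) text.
# Assumptions: single-line records, no $ORIGIN changes, no ';' in RDATA.

def fqdn(owner, origin):
    """Expand an owner field to a lower-case FQDN without trailing dot."""
    if owner == "@":
        return origin
    if owner.endswith("."):
        return owner[:-1].lower()
    return f"{owner}.{origin}".lower()

def split_child_zone(zone_text, parent, child_label):
    """Return (child_lines, parent_lines).

    child_lines have owners re-rooted relative to child_label.parent;
    parent_lines keep fully qualified owners.
    """
    parent = parent.rstrip(".").lower()
    child = f"{child_label}.{parent}".lower()
    child_lines, parent_lines, last_owner = [], [], parent
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()      # drop comments
        if not line.strip() or line.lstrip().startswith("$"):
            continue                               # blank line or directive
        fields = line.split()
        if line[0].isspace():                      # blank owner: inherit
            owner, rest = last_owner, fields
        else:
            owner, rest = fqdn(fields[0], parent), fields[1:]
            last_owner = owner
        # Match on a label boundary so "notdallas" is not swept up.
        if owner == child or owner.endswith("." + child):
            rel = owner[: -len(child)].rstrip(".") or "@"
            child_lines.append(" ".join([rel] + rest))
        else:
            parent_lines.append(" ".join([owner + "."] + rest))
    return child_lines, parent_lines

# Constructed sample of a parent zone holding a child "folder".
SAMPLE = """\
@                  NS   rootdc.company.com.
rootdc             A    10.0.0.10
dallas             A    10.1.0.10
                   A    10.1.0.11   ; second DC, owner inherited
dc1.dallas         A    10.1.0.10
_ldap._tcp.dallas  SRV  0 100 389 dc1.dallas.company.com.
notdallas          A    10.9.0.5
"""
```

After the records move, the parent zone still needs a delegation for the child, which is the step the replies in this thread describe.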










