Re: Help with Zone transfers keep breaking



Ok here is how it looks and yes DNS Integration is turned on the primaries.

Forest A --- Server A --- DNS Primary with Forest B DNS Secondary

Forest B --- Server A --- DNS Primary with Forest A Secondary

Forest B --- Server B --- DNS Primary with Forest A Secondary

Forest B --- Server C --- DNS Primary with Forest A Secondary

Forest A is in 192.168.123.x subnet
Forest B with Server A, and C is in 192.168.1.x Subnet
Forest B with Server B is in 192.168.18.x Subnet.

There is only one firewall but it's not in the path of communication between
these 3 subnets. They all link up to a Routing Switch.




"Jorge Silva" <jorgesilva_pt@xxxxxxxxxxx> wrote in message
news:O$2DzXVzGHA.4932@xxxxxxxxxxxxxxxxxxxxxxx
Ok.

I believe they are all primary zones.

All zones Primary Zones AD Integrated? I'm asking this because you can
only have one single standard Primary Zone configured on one server and
all other servers that need that Standard Primary Zone will have to be
setup with secondary zone.
For example (in Forest B), if ServerA has a Standard Primary Zone, then
ServerB and C would need to have secondary Zones configured. In this
scenario, if you configure ServerB and C with primary zones, that means
that all zones will be independent from each other.
You can confirm this on the Zone properties.

Assuming that you have Primary Zone AD Integrated:
Let me see if I get this right:
On Forest A you have a DNS server configured with a Primary Zone
Then you add a Secondary zone From ForestB, you configured that secondary
Zone to load from ForestB-ServerA,B and C.
That Zone only updates when ServerC is online Correct?

Check:
-Go to ForestA DNS ServerA and right click on that secondary zone and
choose properties, on the general tab, confirm that you have the correct
IPAddresses for the servers (A,B and C) in ForestB.
-Then go to EACH Server in forestB (Server A, B and C), right Click on the
Zone choose Zone Transfers Tab, make sure that in EACH server you have the
option "Allow Zone Transfers" Selected and the option "Only to the
following Servers" and that you have the Correct IPAddress for ServerA In
ForestA, this has to be done in EACH DNS Server in ForestB.

FW=Firewall, I asked this because if you have those servers (From ForestB)
in different locations they might have one Different FW to each, and that
FW might prevent Zone transfer. Check Ports 53 TCP/UDP.

Conditional Forwarding (Only in windows 2003):
Defines where Specific queries for specific Domains are forwarded, this
is a very popular method used in different forests configuration scenario
(Note: You can't use Secondary Zones and Conditional Forwarding to the
Same Domain in the Same server, you can only use one of both methods in
each server).

http://technet2.microsoft.com/WindowsServer/en/library/0104be3c-0405-4455-b011-6950875c04461033.mspx?mfr=true

http://www.windowsnetworking.com/articles_tutorials/DNS_Conditional_Forwarding_in_Windows_Server_2003.html




--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Chris Peikert" <c.peikert@xxxxxxxxxxxxxxxxxx> wrote in message
news:ozHJg.13112$%j7.12508@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
I believe they are all primary zones.
All servers are setup to do Zone transfers.
We are not using any forwarders if that's what FW is.
What is conditional forwarding?

"Jorge Silva" <jorgesilva_pt@xxxxxxxxxxx> wrote in message
news:eJ9dCKQzGHA.4816@xxxxxxxxxxxxxxxxxxxxxxx
Hi

Are you working with Secondary Zones?
Did you configure Server A,B and C to allow zone transfer?
Do you have any FW between these servers?

Why don't you use Conditional Forwarding?

--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Chris Peikert" <c.peikert@xxxxxxxxxxxxxxxxxx> wrote in message
news:palJg.4478$yO7.3130@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Here is a setup of our current system.

Forest A ---- Domain A ---- Server A

Forest B ---- Domain A ---- Server A (main server), B, and C.

Forest A keeps having trouble with the DNS staying updated. When it
tries to replicate the zone info it gets an error "Unable to locate a
logon server." The server Forest A wants is Server C in Forest B.
Question is why doesn't Server A or B answer the request? Also is there
a way to make it look for Server A instead of C?
We rebooted Server C and it works fine for now, but what will happen if
C dies and goes offline permanently? We could really appreciate some
help here. Thanks.
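The checks suggested in the thread above (correct master IP addresses, port 53 TCP reachable, every ForestB server answering for the zone) can be scripted from the secondary's side. The Python below is an added example, not part of the original thread: it asks each master for the zone's SOA record over TCP/53 and compares serial numbers, the value a secondary uses to decide whether a transfer is needed. Function names, the query ID and the status labels are assumptions of this example.

```python
import socket
import struct

def build_soa_query(zone, txid=0x1234):
    """DNS query for the zone's SOA record (QTYPE 6, QCLASS IN)."""
    header = struct.pack("!HHHHHH", txid, 0x0000, 1, 0, 0, 0)
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in zone.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", 6, 1)

def skip_name(msg, off):
    """Return the offset just past a name that may end in a compression pointer."""
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        off += 1 + msg[off]              # plain label: length byte + text
    return off + (2 if msg[off] else 1)  # pointer is 2 bytes, root label is 1

def soa_serial(msg):
    """Extract the SOA serial from a response; None if refused or no SOA answer."""
    _, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if flags & 0x000F or an == 0:        # non-zero RCODE (e.g. REFUSED) or empty
        return None
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4    # question name + QTYPE + QCLASS
    off = skip_name(msg, off)            # owner name of the first answer
    rtype, _, _, _ = struct.unpack("!HHIH", msg[off:off + 10])
    if rtype != 6:
        return None
    off = skip_name(msg, skip_name(msg, off + 10))  # skip MNAME, then RNAME
    return struct.unpack("!I", msg[off:off + 4])[0]

def query_master(ip, zone, timeout=3.0):
    """Ask one master over TCP/53; returns the serial, or None on any failure."""
    q = build_soa_query(zone)
    try:
        with socket.create_connection((ip, 53), timeout=timeout) as s:
            s.sendall(struct.pack("!H", len(q)) + q)   # TCP DNS: 2-byte length prefix
            f = s.makefile("rb")
            (length,) = struct.unpack("!H", f.read(2))
            return soa_serial(f.read(length))
    except (OSError, struct.error, IndexError):
        return None

def compare(serials):
    """Given {ip: serial or None}, label each master relative to the highest serial."""
    newest = max((s for s in serials.values() if s is not None), default=None)
    return {ip: "unreachable" if s is None else "current" if s == newest else "behind"
            for ip, s in serials.items()}
```

Run `compare({ip: query_master(ip, zone) for ip in masters})` from the server holding the secondary zone, with the same master list that appears on the zone's General tab. This only confirms that each master answers for the zone on TCP/53; the "Only to the following servers" list on each master still has to be checked in the zone properties.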








