Re: Help with Zone tranfers keep breaking

Jorge Silva wrote:
Hi Kevin and Chris

Well I did some testing on this again and I'm going to let you know
the results:

I setup a similar scenario to Chris

2 Forests, and 2 DCs in each.
Between the 2 forests there is a Forest trust (Note: unlike External
trust, with forest trust we need DNS resolution.)

- Now according to Chris previous posts (lease let me know if I'm out
the base), he said that when he shutdown the ServerC, the trust fail
to validate, and this is the main question correct?

-Forest A has 1 Zone AD Integrated in the 2 Servers (DC1,DC2) for the
local domain. I changed the SOA expiration time to 5m, and evrything
else to 1min. -Forest B has 1 Zone AD Integrated in the 1 Server
(DC3) for the local domain, then I Setup a secondary Zone setup to
load from the 2 servers from ForestA.
-The Secondary Zone SOA is pointing to DC1 on ForestA.
-Shutdown the the DC1.
-Goto ForestB try to validate the trust, the validation FAILS. I
clear the local cache and DNS server cache, then I try again the
Trust verify successfully.
-Then I did one more test.
-Because isn't possible to get the Secondary Zone updated (new
records, deleted records,etc) if the SOA owner is down, i selected
reload from master and the SOA record changed automatically from DC1
to DC2, and it's up and running.

These were my tests, I don't know if Kevin has something to add or
comment, or if he desagree.


Note:I had a 3 Forest (Windows 2004 SP4), that I didn't included in
the scenario above, but I also setup a secondary Zone, and I could
verify that the SOA owner changed from DC1 to DC2 after awhile.

Did you try a zone transfer?



--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================


.

Relevant Pages

  • Re: Help with Zone tranfers keep breaking
    ... only updates with new records if the SOA is online ... Between the 2 forests there is a Forest trust (Note: ... -The Secondary Zone SOA is pointing to DC1 on ForestA. ...
    (microsoft.public.windows.server.dns)
  • RE: Trusting Domains
    ... Are both domains Windows 2000? ... Do you have name resolution working between forests, ... I setup a VPN between the Firewalls that we have and can see the ... I setup a trust in AD Domains and Trusts between the ...
    (microsoft.public.win2000.active_directory)
  • Re: Help with Zone tranfers keep breaking
    ... if the Secondary changes to the Online SOA. ... Between the 2 forests there is a Forest trust (Note: ... -The Secondary Zone SOA is pointing to DC1 on ForestA. ...
    (microsoft.public.windows.server.dns)
  • Re: Help with Zone tranfers keep breaking
    ... I setup a similar scenario to Chris ... Forests, ... Between the 2 forests there is a Forest trust (Note: ... I changed the SOA expiration time to 5m, ...
    (microsoft.public.windows.server.dns)
  • Re: replication and smtp address problem
    ... Please give some more info about the setup. ... You have 2 different forests, ... They are connected with a trust between? ... When i want to replicate with a dc in my forest i get the error below. ...
    (microsoft.public.windows.server.active_directory)