_enIT

asked on

DNS Transfers between Trusted domains and zone questions

Hi there,

I’m a little rusty on Windows DNS zone transfers and could use a little help to verify we have everything set up correctly and securely.

We have two domains in house, Domain A is 2003 and Domain B is 2008. There is a two-way trust between them currently. I want to make sure I have the DNS side set up and secured correctly.

So my questions:

1. I’ve added secondary DNS zones to all DCs for the other domain. So on domain A (2003) I’ve added a secondary zone for domain B (2008). I’ve then added the name servers from domain B and left it at that. I did the same for domain B, adding secondary zones for domain A as well. Is this all that needs to be done?
2. Do zone transfers need to be enabled for this, or need to be enabled anywhere? Does Domain A’s primary zone need to transfer to Domain B’s secondary zone and vice versa? Since these are just lookup/reference zones, there shouldn’t be a need to write, correct?
3. Also, while I’m at it, without zone transfers enabled on domain A, the other servers on domain A will still be updated since they’re AD integrated, correct? Essentially I don’t need anything on the zone transfers tab for Domain A to Domain A, correct?

Please let me know if you need any more info or clarification.  Thanks for taking the time to read.  
ASKER CERTIFIED SOLUTION
Awinish
This solution is only available to members.
_enIT

ASKER

Great, thanks for the clarification. So here's what I have now, and it seems to be working:

Domain A
  Primary Zone - Allow zone transfer only to Domain B NS's

Domain B
  Primary Zone - Allow zone transfer only to Domain A NS's

Looks like I'm good to go.  Anything else I need to check?

Thanks!
Nothing more is required, but make sure the necessary ports have been allowed on the firewall and you are good to go.


Regards
________________________________________
Awinish Vishwakarma
MY BLOG:  http://awinish.wordpress.com/

ASKER

Thanks!
You are welcome.

Regards
________________________________________
Awinish Vishwakarma
MY BLOG:  http://awinish.wordpress.com/
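
One way to confirm the "allow zone transfer only to the other domain's NS's" setting described in the thread, as an added example that is not part of any post above: a small probe that sends a single AXFR query over TCP 53 and reports whether the server starts a transfer. The server address and zone name are supplied by the person running it; nothing here is taken from the posters' environment.

```python
"""Added example: probe whether a DNS server allows AXFR from this host."""
import socket
import struct
import sys

AXFR, IN = 252, 1  # QTYPE for zone transfer, QCLASS Internet

def build_axfr_query(zone, txid=0x1234):
    """Return a TCP-framed (2-byte length prefix) AXFR query for zone."""
    header = struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0)  # one question
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in zone.rstrip(".").split(".")
    ) + b"\x00"
    msg = header + qname + struct.pack("!HH", AXFR, IN)
    return struct.pack("!H", len(msg)) + msg

def classify_response(framed):
    """Map the start of the server's first reply to a verdict string."""
    if len(framed) < 14:  # 2-byte length + 12-byte DNS header
        return "no-answer"  # connection closed or reset without a reply
    flags, _qd, ancount = struct.unpack("!HHH", framed[4:10])
    rcode = flags & 0x000F
    if rcode == 0 and ancount > 0:
        return "allowed"  # answer records follow: the transfer started
    if rcode == 5:
        return "refused"
    return "rcode=%d" % rcode

def probe(server, zone, timeout=5.0):
    """Send one AXFR query over TCP 53 and classify the reply."""
    data = b""
    try:
        with socket.create_connection((server, 53), timeout=timeout) as s:
            s.sendall(build_axfr_query(zone))
            while len(data) < 14:
                chunk = s.recv(4096)
                if not chunk:
                    break
                data += chunk
    except OSError:
        pass  # reset or timeout: classified from the bytes received so far
    return classify_response(data)

if __name__ == "__main__":
    # Usage: python axfr_probe.py <server-ip> <zone>
    print(probe(sys.argv[1], sys.argv[2]))
```

Run it from one of the other domain's name servers (expect `allowed`) and from a host that is not on the transfer list (expect `refused` or `no-answer`). A `no-answer` from an authorized secondary can mean TCP 53 is blocked between the two servers.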