DNS root zone issue - need a real guru for this one

Posted on 2006-05-04
Last Modified: 2010-04-18
Here is the situation:

We have two dns servers in the parent domain, on one dns server with a '.' on
it, this was done for security reasons. There is a child domain that
administers their own dns servers. All zones are AD integrated. Everything
was working fine. An admin in the parent domain decided to create a new '.'
zone on the second dns server in the parent domain. After replication
occurred, this "new" '.' zone was replicated to the child domain and I think
the original '.' zone was overwritten. Does this sound plausible? Question is
why wasn't the original '.' zone replicated to the second dns server in the
parent domain, but when a new '.' was created on the second dns server it was
replicated to the child domain? We are trying to determine what happened and
if our conclusions are correct.  Any help would be great. Thanks.
Question by:wayy2be
    LVL 51

    Accepted Solution

    The original root zone was set to replicate to all DNS servers in the Domain - therefore, it didn't propogate to the child domains.

    The new zone was created and set to replicate to all DNS servers in the Forest - and did.

    What leads someone to believe that a root zone promotes security?


    Author Comment

    I am not sure, it is contrary to everything I know. So in your opinion the new root zone, when replicated to all DNS servers in the forest, did overwrite the original root?
    LVL 51

    Expert Comment

    It probably would have, given the name and the partition it was created in.

    Just double-check the replication scope on that zone - if it's to all DNS servers in the Forest, then you have your answer.

    Author Comment

    Just checked and you are 100% correct!  Thanks for your help!

    Featured Post

    PRTG Network Monitor: Intuitive Network Monitoring

    Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

    Join & Write a Comment

    I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
    This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
    In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
    Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now