Replicating a DNS Primary Zone

Posted on 2006-06-08
Last Modified: 2008-03-06
I have created an additional zone as a primary zone but it is not replicating to the other two DNS servers like the AD zones are.  Why is this?  Is there a force option for primary DNS Zones?
Why use AD zones instead of Primary and vise versa?
Question by:wrwiii12
    LVL 82

    Accepted Solution

    To answer your first question: the other DNS servers don't replicate because you need to create secondary zones on the other DNS servers that replicate from the primary zone (and allow zone updates for the zone on the primary).
    Otherwise you need to change the zone type from Primary to Active Directory Integrated, then they will be replicated through AD.
    The second one: if you can use them, use AD integrated zones, because ADI zones offer secure dynamic updates; in addition, every ADI DNS server will be Start of Authority, so every DNS server can accept dynamic updates (as opposed to a "regular" primary/secondary setup, where only the primary has a writable copy of the zone).
    LVL 12

    Expert Comment


    The primary DNS isn't trusted for zone transfers by default.  The AD int DNS servers replicate zone changes by AD replication.  Add the primary DNS to the zone transfers list in order to make it an authoritative dns server in the zone.  If not doing so already set the updates to secure and allow zone transfers only to the name servers on the zone transfer list.

    LVL 4

    Author Comment

    When would you have to use primary/secondary?
    LVL 82

    Expert Comment

    If the DNS server isn't a DC (like public DNS servers).

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Why You Should Analyze Threat Actor TTPs

    After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

    Introduction Often we come across situations wherein our batch files would be needing to reboot Windows for a variety of reasons. A few of them would be like: (1) Setup files have been updated whose changes can take effect only after a reboot …
    Windows 7 does not have the best desktop search built in. This is something Windows 7 users have struggled with. You type something in, and your search results don’t always match what you are looking for, or it doesn’t actually work at all. There ar…
    Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now