Solved

Some DNS questions

Posted on 2006-06-13
4
247 Views
Last Modified: 2008-02-07
Hi,

I have 2 DNS servers, both are AD integrated (single domain), each server is in different site.
Since I'm having some DNS issues, I would like to ask you some questions:

The SOA record should point to the same server? or each SOA should point to it's server?
Since I'm only using AD integrated, may I disable zone transfers?


Thanks.
0
Comment
Question by:AbelB
  • 2
  • 2
4 Comments
 

Author Comment

by:AbelB
ID: 16892273
Oh, and another question I forgot...

In AD, under [domain]\System\MicrosoftDNS\RootDNSServers   there is nothing. is that OK? what should be here?


Thanks again.
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 16892371

> The SOA record should point to the same server? or each SOA should point to it's server?

Because the zone is AD Integrated the SOA record appears differently depending on which server you're looking at it on.

It does that because every server has access to write to the zone file (unlike a standard Primary zone which only one server can write to).

> Since I'm only using AD integrated, may I disable zone transfers?

Yes. Unless you have a specific need to have Secondary DNS Servers then there's no need to allow Zone Transfers.

> In AD, under [domain]\System\MicrosoftDNS\RootDNSServers there is nothing.
> is that OK? what should be here?

Yes that's okay, it should be empty. It's the folder itself that has the things we're interested in bound to it. It contains the list of Root Name Servers which your server will use to answer Public Queries (unless you've set it up to use Forwarders).

What kind of DNS issues are you having?

Chris
0
 

Author Comment

by:AbelB
ID: 16892563
Thanks for your answers.

I am using forwarders, shouldn't I ?

I can't point to a specific DNS issue right now, I will try to find an example and write it here.


Thanks again.
0
 
LVL 70

Accepted Solution

by:
Chris Dent earned 300 total points
ID: 16892582

There's nothing wrong with using Forwarders.

The Root Hints file (that's what's stored in the RootDNSServers bit) is how it resolves requests if you don't use Forwarders. Instead of just handing off the request to another DNS Server (the forwarder) it heads off to find the answer itself.

Chris
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Server 2012 RRAS kills network connectivity 6 92
Sonicwall SOHO SSL-VPN no LAN Access 5 72
Sonicwall AP 3 56
Group Policy Question 7 64
Nslookup is a command line driven utility supplied as part of most Windows operating systems that can reveal information related to domain names and the Internet Protocol (IP) addresses associated with them. In simple terms, it is a tool that can …
I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now