Best practices for Child Domain TCP/IP DNS settings

Posted on 2007-08-09
Last Modified: 2013-11-05
What are the best practices for configuring DNS settings in the TCP/IP configuration of a child domain controller?  Point to itself or to a forest DC?
Question by:binnykuriakose
    LVL 30

    Expert Comment

    Assuming that there are 2 DCs in your child domain, have DC1 point to DC2 as primary and itself as secondary, and vice versa.  Depending on the physical topology of your network, the DNS servers on each DC can either forward to the root DCs or directly to your ISP to handle non-local and Internet queries.
    LVL 31

    Accepted Solution


    Use AD integrated zones with replication scope to all DCs in forest and configure DNS to point to itself.


    LVL 30

    Assisted Solution

    More: if you configure your child DNS servers to forward directly to your ISP, you'll need to provide a means for clients in to resolve hosts in the forest root domain.  You can accomplish this in a few ways:

    * Create a stub zone or conditional forwarder in the child that references the root domain
    * Change the replication scope of the root so that it replicates forest-wide


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Do You Know the 4 Main Threat Actor Types?

    Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

    I'm sure that every Windows systems administrator has written, or at least used, a batch or VBS login script at some point in their career, whether it is to map network drives, install printers, or set some user preferences.  No more! With Window…
    Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
    This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now