Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 712
  • Last Modified:

Microsoft DNS Delegation Zone

Hi,
I have to Active Directory domains which are called:
domain1.local with 2 DNS servers dns11.domain1.local and dns12.domain1.local
and
domain2.local with 2 DNS servers dns21.domain2.local and dns22.domain2.local
I create in dns11.domain1.local a zone called domain2.local. On this new zone I create a new delegation which is pointing to dns21.domain2.local and dns22.domain2.local.
When I am using my client computer to ping machines from domain2.local those are not answering.
Mu delegation is not working, can you please help me with this.
Thank you.
0
BetfairRomania
Asked:
BetfairRomania
  • 4
  • 4
1 Solution
 
Chris DentPowerShell DeveloperCommented:

> On this new zone I create a new delegation

Do you created something like sub.domain2.local in there?

From the sound of it you don't want to be using a Delegation here. You want to resolve names in domain2.local? Instead you want to use any of...

1. Conditional Forwarder
2. Stub Zone
3. Secondary Zone

Which is most appropriate depends a bit on the DNS server. Most are capable of 1, but Windows 2000 isn't.

Chris
0
 
BetfairRomaniaAuthor Commented:
Hi,
thank you for your answer.
What I really need is from my client computer when I run this commands ping -a 192.168.180.23 and this ping server1.domain2.local I need this machine called server1.domain2.local to respond.
I create in dns11.domain1.local a reverse lookup zone for 180.168.192 and also in this DNS server I create a forward lookup zone called domain2.local which i delegated to dns21.domain2.local.
Thank you.
0
 
Chris DentPowerShell DeveloperCommented:

> ping -a 192.168.180.23

This is an entirely different matter. Ping -a attempts to resolve a name from the given IP address. That requires Reverse Lookup not Forward. Where is the Reverse Lookup Zone?

When you run "ping server1.domain2.local" the DNS server your client uses will need a way to find the records in domain2.local. This one comes to the next bit.

> delegated to dns21.domain2.local

Zones can only be delegated from a parent zone. To delegate domain2.local you would have to have a zone called "local.".

You cannot Delegate this and expect to be able to resolve names. You must use one of the three options I quoted above.

Chris
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
BetfairRomaniaAuthor Commented:
Hi,

> domain1.local
dns11.domain1.local and dns12.domain1.local

>domain2.local
dns21.domain1.local and dns22.domain2.local

What I need is:
> when you ping server1.domain2.local = 192.186.180.23
> when you ping -a 192.168.180.23 = server1.domain2.local

What I have done:
>in dns11.domain1.local and dns12.domain1.local I create a reverse lookup zone called 180.168.192
>in dns11.domain1.local and dns12.domain1.local I create a forward lookup zone colled domain2.local and from new delegation wizard I select dns21.domain2.local and dns22.domain2.local
>I create a new PTR record entry as 23  in reverse lookup zone called 180.168.192

Thank you.
0
 
Chris DentPowerShell DeveloperCommented:

> in dns11.domain1.local and dns12.domain1.local I create a forward lookup
> zone colled domain2.local and from new delegation wizard I select
> dns21.domain2.local and dns22.domain2.local

So you have New Delegation. You clicked Next, then put what in the box that needs a value before you can continue?

You can only delegate responsibility for a zone from the Parent Zone. You cannot delegate on the same level.

Delete the "domain2.local" zone from the two servers on domain1.local then create a new Stub Zone as follows.

1. Right click and select New Zone click Next on the first page
2. Select Stub Zone and click Next
3. Enter the name domain2.local then click Next
4. Allow it to create a file with the default name then click Next
5. Enter the IP Addresses for dns21 and dns22. Click Next then Finish

No problems with the Reverse Lookup Zone.

Chris
0
 
BetfairRomaniaAuthor Commented:
HI,
in this way reverse is working only for DNS machine domain2.local (dns21 and dns22).
How can I make it  work  for all machine from domain2.local domain
Thank you.
0
 
Chris DentPowerShell DeveloperCommented:

Do both domains share the same IP range?

Are you wanting them to use Dynamic Updates to add themselves to the zone?

You might create a Secondary zone for the Reverse Lookup on the DNS servers in domain2.local.

Chris
0
 
BetfairRomaniaAuthor Commented:
Hi,
on both DNS servers from domain2.local I have a reverse lookup zone for all machines served by those DNS servers.
No this domains are using diffren IP range.
Thank you.
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now