Can you do DNS Replication from AD to Zone File

Titonhw
I have the following 4 servers

HH1 (Windows 2003 Server) on subnet 192.168.1.xx, runs AD, DHCP and DNS (Primary Server HH1)
HH2 (Windows 2003 Server) on subnet 192.168.1.xx, runs AD and DNS (Primary Server HH2)
FILE (Windows 2003 Server) on subnet 192.168.0.xx, runs AD and DNS (Primary Server FILE)
SOL (Windows 2003 Server) on subnet 192.168.0.xx, runs DNS (Primary Server FILE)

I have noticed that our records in domain fred.co.uk under the Forward Lookup Zones are the same for HH1, HH2 and FILE, but different for SOL.

Please forgive my ignorance I’m very new to DNS.
If I check the SOA records for each of the Servers, SOL is different again saying the data is stored in a Zone File Name, whereas the other 3 servers store their data in AD.

My question is: are the SOL DNS entries in the Forward Lookup Zone different because they are not being replicated to? And is this because SOL is not a Domain Controller and stores its data in a Zone file and not in AD? And if this is the case, how do you replicate from an AD Integrated directory to a Zone File Name?

Mark

Commented:
If you check the replication scope on the zone, is it set to all domain controllers in the Active Directory domain Fred.co.UK? (Legacy setting for Windows 2000 DNS servers.)

Right click the flz in dnsmgmt and select properties, next to replication click change.

Author

Commented:
Johan

No, IN FLZ for Fred.co.uk under Properties/General tab Replication is set to: All DNS Servers in the Active Directory Domain.

Mark

Author

Commented:
Hi,

Bit more information,

The non-DC server has its "Type" set to Primary.
Should this be set to Secondary so that it can receive the replication from the other DC/DNS servers?
Commented:
Hi, in this scenario you have two AD sites with two DNS servers for resilience, right, and each site has a DHCP server. In the site with a single DC I would recreate the zone on the member server as a secondary zone using the DC in its own site as the master. Set zone transfers on the master to list the member server only. In DHCP for the single-DC site, set the DC as the first DNS server in the options. This means that the DCs will replicate zones via AD replication and your member server will update its local zone file from a DC. The drawback is that a secondary zone is read-only, so clients will not be able to update DNS using that server, which in some instances makes it secure. In your case you still have a writable DNS server in the AD site and still have your redundancy. Does this sound right to you?

http://support.microsoft.com/kb/816518

Read-only DNS servers are not that uncommon; remember that RODCs do not offer writable DNS zones either.
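The steps in the answer above, written out with dnscmd and netsh as an added example (not part of the thread and not the expert's own commands). Server names, the zone name and the subnets are taken from the question; every IP address and the DHCP scope ID are placeholders, and it is assumed that dnscmd (Windows Server 2003 Support Tools) is available and that the 192.168.0.0 scope lives on HH1, the only server the question lists as running DHCP.

```batch
@echo off
REM Added example, not from the thread. Names from the question; IPs are placeholders.
REM Assumed: FILE is the DC/DNS master in SOL's site, SOL is the non-DC DNS server.
set ZONE=fred.co.uk
set FILE_IP=192.168.0.10
set SOL_IP=192.168.0.20

REM 1. Confirm the zone on the DC is AD-integrated and check its replication
REM    scope (look at the "DS integrated" and replication lines in the output).
dnscmd FILE /ZoneInfo %ZONE%

REM 2. On the master (FILE), allow zone transfers to SOL only.
REM    /SecureList limits AXFR/IXFR to the listed address, so nobody else can
REM    pull the whole zone; /NotifyList makes FILE tell SOL when the zone changes.
dnscmd FILE /ZoneResetSecondaries %ZONE% /SecureList %SOL_IP% /NotifyList %SOL_IP%

REM 3. On SOL, replace the stand-alone primary copy with a secondary zone
REM    whose master is FILE. /f suppresses the confirmation prompt.
dnscmd SOL /ZoneDelete %ZONE% /f
dnscmd SOL /ZoneAdd %ZONE% /Secondary %FILE_IP%

REM 4. Pull the zone now instead of waiting for the SOA refresh interval,
REM    then compare the serial number with the master's.
dnscmd SOL /ZoneRefresh %ZONE%
dnscmd SOL /ZoneInfo %ZONE%

REM 5. In the 192.168.0.x DHCP scope (scope ID assumed), hand out FILE first
REM    and SOL second as DNS servers (option 006) so clients register against
REM    the writable DC rather than the read-only secondary.
netsh dhcp server \\HH1 scope 192.168.0.0 set optionvalue 006 IPADDRESS %FILE_IP% %SOL_IP%
```

Step 2 is the part worth getting right: with no secure list, any host that can reach the master can request a full zone transfer and enumerate every record in fred.co.uk, so the transfer list should contain only the secondaries you actually operate. After step 4 the serial reported by `dnscmd SOL /ZoneInfo` should match the one on FILE; if it lags, SOL is waiting on the refresh interval or the NOTIFY is not reaching it.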

Author

Commented:
Johan,

Take all the points, this seems to have worked superbly after following the above instructions and doing a reload. The non-DC FLZ is now showing all the same DNS entries as the other DNS Servers.
All I have to hope now is it does it automatically.

Many Thanks, Mark.

Author

Commented:
Many Thanks.

Commented:
Excellent!!!
