Our school district has 40 sites, originally utilizing a seperate NT4 domain in each site. We then upgraded to Windows 2000, and converted to a parent domain and 39 child domains. (we are working on a plan to finally go to a single flat domain, but that will take time..)
In the present model, each domain including the parent has its own DNS zone, integrated into AD, but only replicated to DCs in that domain via AD. Each child domain has a secondary zone (file-based) for the parent domain, replicated from the parent domain DNS servers. Delegation records in the parent DNS zone for each child zone finish the picture. DNS resolution is complete, and works well, BUT it's a pain to maintain!
Now that we have finally eliminated the last Windows 2000 DC, (and all but two of the 2003 DCs) I am interested in switching to a DNS structure entirely stored and replicated by DNS. Nothing I've read, so far, answers two questions I have:
1. Currently, when we install a new child-domain DC, DNS is autmatically configured with the domain's DNS zone. Then we have to manually add and configure the secondary zone for the parent domain. If the parent domain was set to replicate to all DCs in the forest, would that secondary zone also be automatically created?
2. How would I manage the switchover? After I set the parent DNS zone to replicate to all servers in the forest, what changes would I have to make to the child domain DNS servers? (There are a lot of them...)
School Distruict 68