Solved

Microsoft DNS server question

Posted on 2013-12-07
7
411 Views
Last Modified: 2013-12-11
Hi
If I have a single forest with multiple domains. (Server 2008 and 2012)

Example.com is my root domain and then I still have two child domains test1.example.com and test2.example.com

My question is when I point a client pc to my root domain dns server example.com will it be able to resolve also everything in my child domains.
Please advice
0
Comment
Question by:ciscosupp
  • 4
  • 3
7 Comments
 
LVL 17

Expert Comment

by:Tony Massa
ID: 39702989
Yes.  When you create a child domain, a delegation to the sub-domains (and DNS domain) is created in the root forest or, if DNS is configured to replicate to "All DNS servers in the Forest".  In DNS you should see a delegation zone or a copy of the entire zone.

In either case, you can use the NSLOOKUP command on a client to test.  From a PC, run a command prompt:

C:\>nslookup
Default Server:  your.DNSServer.example.com
Address:  x.x.x.x

> test1.example.com
Server:  your.DNSServer.example.com
Address:  x.x.x.x

Non-authoritative answer:
Name:    test1.example.com
Address:  y.y.y.y

If the DNS record returns, then you're okay to point clients to the parent.  They should also work just fine if the clients point to the child domain DNS servers.
0
 

Author Comment

by:ciscosupp
ID: 39703146
Thanks
I will use a third party dns server (infoblox)  as my main dns sever for all my clients.
Basically all my clients will point to third party dns server and I will replicate my root domain controller with third party dns server.
Is it okay to only replicate root domain controller to third party  dns sever or must I also replicate my child cc's please advice.
0
 
LVL 17

Expert Comment

by:Tony Massa
ID: 39703225
You don't have to replicate the zone.   Just need a stub zone with glue records for the DNS zone example.com and the rest will work fine, unless that was the reason for the Infoblox.

Each sub-domain has a different DNS zone.  If you are replicating the zone only, then your will not be able to resolve sub-domains without adding stub zones ir replicating thise DNS zones as well
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:ciscosupp
ID: 39704033
ok but when i create stub zone and do changes on it wil it replicate to my ms dns server as i any changes made on ms dns or third party dns should sync
0
 
LVL 17

Expert Comment

by:Tony Massa
ID: 39704251
Only if you are replicating the stub zones to the Infoblox as well. They are separate DNS  zones after all. If not, you have ti manually update them.
0
 

Author Comment

by:ciscosupp
ID: 39711270
okay thanks my last question
can I also make changes in a secondary zone and are they then update to primary zone please advice
0
 
LVL 17

Accepted Solution

by:
Tony Massa earned 500 total points
ID: 39711343
No.  Secondary zones are by definition READ only copies of primary zones.  It's a one-way replication from primary to secondary
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I wrote this article to explain some important DNS concepts that should be known to avoid some typical configuration errors I often see in forums. I assume that what is described here is the typical behavior of Microsoft DNS client. I don't know …
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question