RE: [ActiveDir] DNS - zone delegation questions

[Roger Seielstad]

Title: Message

Actually - you should be able to do dynamic updates regardless of the delegation status - IF you haven't set it to secure updates only. If the child domains secondary the zone, the secondaries will forward registrations to the master, and that can perform the registration.   Roger -------------------------------------------------------------- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -----Original Message----- From: Santhosh Sivarajan [mailto:[EMAIL PROTECTED] Sent: Monday, March 15, 2004 9:51 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] DNS - zone delegation questions Yes. You are right.  Reverse DNS is a bit trickier.  But it is not possible to perform Dynamic updates on Classes Reverse Lookup zones.     From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Roger Seielstad Sent: Monday, March 15, 2004 7:15 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] DNS - zone delegation questions   Yes, you are doing it correctly.   Reverse DNS is a bit trickier, especially if you're not breaking IP blocks at non-classful boundaries (ie not Class C's or Class B's). For the most part, however, you're going to be able to do the same type of delegation, assuming you're not significantly mixing domains on the same subnets - that becomes an issue if you want to use secure updates.   For DNS related matters, DNS and Bind (the latest edition) is the best book for DNS. However, the configuration sections are for BIND running on Unix. There's a pair of Windows specific versions, one of which was cowritten by our own Robbie Allen (geared towards . http://www.wiredeuclid.com/modules.php?op=modload&name=books&file=index&bkid=49&ttitle=DNS_on_Windows_Server_2003   The Windows 2000 version (probably want to get the 2k3 version though) is listed with the other books here: http://www.wiredeuclid.com/modules.php?op=modload&name=books&file=index&req=view_cat&cid=3   Roger -------------------------------------------------------------- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -----Original Message----- From: Daniel L. Gilbert [mailto:[EMAIL PROTECTED] Sent: Saturday, March 13, 2004 8:42 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] DNS - zone delegation questions To All:   I apologize for the length of the question but,...   I am looking for a good reference/how-to on delegating DNS zones in Windows 2003.  My real purpose, I am hoping to learn this subject, rather than just getting the answer.  But any help will be appreciated.   I have looked in Google, TechNet, and Microsoft.com but just can't hit the right search phrase.   I am trying to get a grasp on "delegating a DNS zone in Windows 2003"   I have a Windows 2003 forest; parent.com, child1.parent.com, child2.parent.com, and child3.parent.com.   DNS currently resides only on DC1 in parent.com, zone is ADI allowing secure updates only.   On dc1.child1.parent.com, I installed DNS, made it the primary for the DNS zone; child1.parent.com.   I tried to delegate the zone using the right-click New Delegation selection but got the following error message: "A DNS domain or delegation by this name already exists.  To change an existing delegation, right-click on the delegation and select Properties.  To change a DNS domain into a delegation, delete the domain and then create the delegation"   I then deleted the child1 subzone on dc1.parent.com and used the Wizard to create a zone delegation for the child1.parent.com zone.  Wizard finished successfully.   From dc1.parent.com I can ping the dc1.child1.parent.com by name. From dc1.child2.parent.com I can ping the dc1.child1.parent.com by name. From dc1.child3.parent.com I can ping the dc1.child1.parent.com by name.   My first question is: Am I doing the zone delegation correctly?   My second question: Do I do the same steps to delegate the Reverse Zone?   Dan