There are many reasons why you'd want to make them all AD-integrated. One is the fact that you have 22 branch offices. Remember that in the Primary/Secondary configuration, changes are made ONLY on the Primary server. Since you are allowed only one primary, think about what will be happening at the other 21 sites when records need to be registered. With AD-intg, changes/additions can be done at ANY server, so records can be registered locally.
Sincerely,
D�j� Ak�m�l�f�, MCSE MCSA MCP+I
D�j� Ak�m�l�f�, MCSE MCSA MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon
From: Les B. Minaker
Sent: Tue 6/15/2004 8:04 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] DNS Server Architecture Recommendations
We are about to deploy a Win2K3 infrastructure parallel to an existing Windows NT environment. Initially, the environments will exist separately, so I have a degree of leeway with respect to playing with settings.
Network Configuration:
We have 22 branch sites on-network and I want each local site to resolve DNS queries themselves. In order to do this, I will be deploying DC's that also are DNS servers to each branch. As I said above, the Win2K3 existing on a different plane of reality and really does not affect the existing NT users.
My question revolves around DNS configuration issues. Should I make each server a primary DNS server that is AD integrated or should I go with a single "master" DNS server (located in a secure Data Centre) and make every other DC a secondary zone. And, what are the reasons why one option is "better" than the other?
Les Minaker
This e-mail (including any attachments) is for the sole use of the intended recipient and may contain confidential information which may be protected by legal privilege. If you are not the intended recipient, please immediately notify me by reply e-mail, delete this e-mail and destroy any copies. Thank you.
