First and foremost, Windows dynamic update doesn't create zones or the necessary records to provide for delegation. It does create A records, SRV records, CNAME records, subdomains and could create many other record types if you were to code it yourself.
In your scenario, a subdomain named baz.foo.com will be created that somewhat mimics the zone content and hierarchy of its parent foo.com. If you wish to delegate authority over baz.foo.com to a.n.other name server, you should create the zone on the 2nd name server (baz.foo.com) and place a delegation to the 2nd name server on the first (assumes dyn. update is configured etc.). The resolver of the new DC creating the child can point to either of the two name servers. If you decide to use the 2nd name server, this assumes that resolution back up the namespace has been configured via - 1. stub zones (good idea) 2. conditional forwarding (not horrific by any means, I just prefer stub zones) 3. general forwarding (depends on the scenario) ... but not root hints (this won't work and shouldn't be used unless you have no desire to provide public name resolution for the Internet. If that is the case further configuration requirements exist in order to fully support it). -- Dean Wells MSEtechnology * Email: [EMAIL PROTECTED] http://msetechnology.com -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Hunter, Laura E. Sent: Friday, January 14, 2005 10:21 AM To: [email protected] Subject: [ActiveDir] DNS question Morning all, So I've been reading through the Deployment Kit and the product docs for 2003, and I think I'm not grasping a small-but-fundamental point about how DNS zones relate to AD domains. Let's say I create a new child domain within AD. I've already got foo.com configured, and now I want to create baz.foo.com. So I run dcpromo to set up the first DC for baz.foo.com. What happens to the foo.com DNS zone file at this point? Is baz.foo.com automatically delegated to a new zone file through dcpromo? Or does it remain a part of the foo.com zone until I manually delegate it out? Does the answer to this change based on whether I'm using AD-integrated DNS or not? Thanks in advance for any insight! Laura List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
