On 2013-12-09 23:48, Syafril Hermansyah wrote: >> sebenarnya bagaimana settingan konfigurasi yang benar untuk AD DNS pak?
> yang sering jadi masalah adalah jika local admin mengotak-atik DNS di > RODC, padahal ini tidak boleh dan menimbulkan tolakkan dari MAD --> > koneksi diblock oleh Master AD. Sorry, singkatnya DNS di AD tidak boleh diotak-atik. http://technet.microsoft.com/en-us/library/cc753223%28v=ws.10%29.aspx ---- Read-only Domain Name System You can install the Domain Name System (DNS) Server service on an RODC. An RODC is able to replicate all the application directory partitions that DNS uses, including ForestDNSZones and DomainDNSZones. If a DNS server is installed on an RODC, clients can query it for name resolution as they might query any other DNS server. However, the DNS server on an RODC does not support client updates directly. When a client attempts to update its DNS records against an RODC, the server returns a referral. The client then attempts the update against the DNS server that is provided in the referral. In the background, the DNS server on the RODC attempts to replicate the updated record from the DNS server that made the update. This replication request is only for a single object (the DNS record). The entire list of changed zone or domain data is not replicated during this special, replicate-single-object request. --------- Entah kenapa di MS DNS (sekalipun non AD integrated) tidak ada tolakan saat user mengubah DNS resource record di secondary DNS, padahal itu tindakan fatal, yang tampil cuma banyak error di log. -- syafril ------- Syafril Hermansyah Running MDaemon 13.6.1 Beta B, SP 4.1.5 Nothing is as simple as it seems at first Or as hopeless as it seems in the middle Or as finished as it seems in the end. -- --[MDaemon-L]------------------------------------------------ Milis ini untuk Diskusi antar pengguna MDaemon Mail Server. Netiket: http://www.netmeister.org/news/learn2quote Arsip: http://mdaemon-l.dutaint.com Dokumentasi : http://mdaemon.dutaint.co.id Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com Versi terakhir MD 13.6.0, SP 4.1.5, BES 2.0.2, OC 2.3.3, SG 2.1.2, PP 2.0.1
