Security Forums

DNS in AD forest problem

ja187

Posted: Mon Jun 28, 2010 9:13 am    Post subject: DNS in AD forest problem

Hi,
I've got an AD forest which consists of 3 domains: one parent and two children. The parent domain is Windows 2003, the children are 2008. The problem is that the parent DNS can't see computers logged on to the child's domain. In the parent DNS, the only thing I see is the IP of the child's DC.
nonsence

Posted: Wed Jul 14, 2010 12:01 am    Post subject: root domain points to child dns servers

"parent DNS can't see computers logged to child's domain"

I don't understand that part of your comment.

But I'll try to explain either way.

This would normally be OK. Your parent root DNS servers don't need to know or keep records for all the child DNS servers, not by default anyway. That's why you only see the DC/DNS record for the child domain. When it wants to find something in the child domain, it will forward the DNS request to the child DNS servers.
If you want records of all child hosts in the root DNS server, then either configure the DNS replication with Active Directory to go to all DNS servers in the forest, or configure a separate secondary lookup zone and use a zone transfer from the child DNS server to the root DNS server.

But normally nowadays your root DNS servers would only keep track of your child DNS servers. Conditional forwarders typically do this by default on a Windows server.
In a large network, your root DNS servers typically have only production servers, network devices and public internet records for your DMZ server listed in there. No need to also keep a copy of your client systems connected to the child domain controllers.
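
The delegation check and the two options from the reply above, sketched with `dnscmd` as an added example that is not part of the original thread. All server names, zone names and addresses are constructed placeholders; the secondary-zone option restricts zone transfers to the parent server's address instead of allowing any host to pull the zone.

```powershell
# Added example. Every name and address below is a constructed placeholder.
param(
    [ValidateSet('Check', 'ForestReplication', 'SecondaryZone')]
    [string]$Mode = 'Check'
)

$ParentDns  = 'root-dc1.corp.example'        # DNS server in the parent domain
$ChildDns   = 'child-dc1.emea.corp.example'  # DC/DNS server in the child domain
$ParentIp   = '192.0.2.10'
$ChildIp    = '192.0.2.20'
$ParentZone = 'corp.example'
$ChildLabel = 'emea'
$ChildZone  = "$ChildLabel.$ParentZone"

switch ($Mode) {
    'Check' {
        # In the parent zone the child label should carry only NS (delegation)
        # records pointing at the child's DNS server, which matches what the
        # original poster saw.
        dnscmd $ParentDns /EnumRecords $ParentZone $ChildLabel /Type NS

        # A child host should still resolve when the parent server is asked,
        # because the query is answered through the delegation.
        nslookup "client01.$ChildZone" $ParentIp

        # Show the child zone's type and the directory partition it lives in.
        dnscmd $ChildDns /ZoneInfo $ChildZone
    }
    'ForestReplication' {
        # Option 1: move the AD-integrated child zone to the forest-wide DNS
        # partition so every DNS server on a DC in the forest holds a copy.
        dnscmd $ChildDns /ZoneChangeDirectoryPartition $ChildZone /forest
    }
    'SecondaryZone' {
        # Option 2, step 1 (child): allow transfers only to the parent server
        # and notify only that server of changes.
        dnscmd $ChildDns /ZoneResetSecondaries $ChildZone /SecureList $ParentIp /NotifyList $ParentIp

        # Option 2, step 2 (parent): create the secondary copy, pulled from
        # the child DNS server.
        dnscmd $ParentDns /ZoneAdd $ChildZone /Secondary $ChildIp

        # Confirm the zone now exists on the parent as a secondary.
        dnscmd $ParentDns /ZoneInfo $ChildZone
    }
}
```

Either option makes every client hostname and address in the child domain readable from the parent's DNS servers, so review who can query or transfer from those servers before choosing one.
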
ja187

Posted: Fri Jul 23, 2010 10:26 am

Thanks for the reply and explanation.
Now I see, it's OK. Just before I deployed WinSvr2008 into our forest, I had only 2003 DCs, and those DCs replicate their zones to the main DC of the forest.
It was new for me that 2008 creates only a delegation.
All times are GMT + 2 Hours