Zoya said:
Folks,
I have a simple clarification.
I am trying to figure out the difference between an Active
Directory integrated forward zone file and the standard
primary one.
The technical difference is that the records are physically
stored in AD instead of in ordinary text (zone) files.
(It really has nothing to do with "forward" or "reverse" as
either can be AD Integrated or Primary etc.)
If I just have one internal DNS server, can I
have it set up as standard primary?
Yes, or as an AD Integrated -- most of the advantages appear
with multiple DNS servers though.
There is ONE major advantage that you get even with one DNS
DC: Secure Dynamic Updates are only available if you use
AD Integrated.
Also I have an ISP doing External DNS.
And you should generally leave that separate AND at the ISP.
Where is the DNS Active Directory
integrated forward lookup file stored?
In AD, on your internal DC(s).
Are you using the "same name" for the external and internal
versions of your DNS domain/zone?
If so you need to understand the concept of a "Shadow DNS",
aka, "Split DNS."
It is REALLY two zones with the same name -- you will have
the ISP running the EXTERNAL zone with a single primary etc.
AND you will have an INTERNAL only version of the zone
running its own Primary (or AD Integrated) DNS server(s).
These will never replicate with each other -- which is what
you want.
You will therefore need to add all external entries to the internal
DNS MANUALLY -- and anytime you make changes -- so that
internal users can reach the external resources you own.
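
The manual sync described above can drift, so here is a check for it, as an added example that is not part of the original post: it compares a text export of each zone and lists external records that the internal zone lacks or answers differently. The zone contents, the `example.com.` origin and the function names are constructed for illustration; a differing record may be intentional (an internal address) and only needs review.

```python
# Added example: split-DNS drift check. All zone data is constructed.
EXTERNAL_ZONE = """\
; external copy of example.com, as hosted at the ISP (constructed)
www   3600 IN A     203.0.113.10
mail  3600 IN A     203.0.113.25
@     3600 IN MX    10 mail.example.com.
ftp   3600 IN CNAME www.example.com.
"""

INTERNAL_ZONE = """\
; internal-only copy of example.com (constructed)
dc1   1200 IN A     10.0.0.5
www   3600 IN A     203.0.113.10
mail  3600 IN A     203.0.113.26
@     3600 IN MX    10 mail.example.com.
"""

def parse_zone(text, origin="example.com."):
    """Return {(fqdn, type): {rdata}} from one-line 'name [ttl] [class] type rdata' records."""
    records = {}
    for raw in text.splitlines():
        fields = raw.split(";", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) < 3:
            continue
        name, rest = fields[0], fields[1:]
        # Skip the optional TTL and class fields that precede the record type.
        while len(rest) > 2 and (rest[0].isdigit() or rest[0].upper() == "IN"):
            rest = rest[1:]
        rtype, rdata = rest[0].upper(), " ".join(rest[1:]).lower()
        if name == "@":
            fqdn = origin                       # zone apex
        elif name.endswith("."):
            fqdn = name                         # already fully qualified
        else:
            fqdn = f"{name}.{origin}"           # relative name
        records.setdefault((fqdn.lower(), rtype), set()).add(rdata)
    return records

def split_dns_drift(external_text, internal_text, origin="example.com."):
    """Return (missing, differing): external record sets absent from, or unequal in, the internal zone."""
    ext, internal = parse_zone(external_text, origin), parse_zone(internal_text, origin)
    missing = sorted(k for k in ext if k not in internal)
    differing = sorted(k for k in ext if k in internal and ext[k] != internal[k])
    return missing, differing

if __name__ == "__main__":
    missing, differing = split_dns_drift(EXTERNAL_ZONE, INTERNAL_ZONE)
    print("missing internally:", missing)
    print("differs internally:", differing)
```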