SOA 'primary server' field

[ProAm]

Setup = Win2K forest, 2 DCs [say A and B] on root of domain and 2 DCs
[say C and D] on a child of that root domain. DC 'A' is the domain
naming operations master, AD throughout, no obvious replication
problems. Symptons are differing SOA serial numbers, i.e. not all DCs
are showing the most recent version [from DC 'A' where edited] of the
zone record.
Question, should the SOA 'primary server' show the FQDN of the local DC
or should/can it be DC 'A' for an AD hosted domain? I note that if I
create a secondary zone e.g. on a child DC with 'A' as the record
master, the transferred zone shows the local DC's FQDN in the primary
server field.

 

[Ace Fekay [MVP]]

In

Setup = Win2K forest, 2 DCs [say A and B] on root of domain and 2 DCs
[say C and D] on a child of that root domain. DC 'A' is the domain
naming operations master, AD throughout, no obvious replication
problems. Symptons are differing SOA serial numbers, i.e. not all DCs
are showing the most recent version [from DC 'A' where edited] of the
zone record.
Question, should the SOA 'primary server' show the FQDN of the local
DC or should/can it be DC 'A' for an AD hosted domain? I note that if
I create a secondary zone e.g. on a child DC with 'A' as the record
master, the transferred zone shows the local DC's FQDN in the primary
server field.

Why? In a nutshell, it's per design.

In a scenario with an AD integrated zone, and tehre are multiple DCs hosting
the zone, the SOA will be in a constant flux. Since *one* of the many
features/benefits of AD integrated zones is it's multimaster feature, then
whenever a record gets added/changed/deleted on any one specific DC, that
specific DC is the SOA for that moment in time. Keep in mind there are
constant changes going on, such as record registrations from workstations,
servers and DCs as well.

282826 - Active Directory-Integrated DNS Zone Serial Number Behavior:
http://support.microsoft.com/?id=282826

--
Ace
Innovative IT Concepts, Inc (IITCI)
Willow Grove, PA

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Directory Services
Microsoft Certified Trainer

Having difficulty reading or finding responses to your post?
Instead of the website you're using, I suggest to use OEx (Outlook Express
or any other newsreader), and configure a news account, pointing to
news.microsoft.com. This is a direct link to the Microsoft Public
Newsgroups. It is FREE and requires NO ISP's Usenet account. OEx allows you
to easily find, track threads, cross-post, sort by date, poster's name,
watched threads or subject.
It's easy:

How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164

Infinite Diversities in Infinite Combinations
Assimilation Imminent. Resistance is Futile
"Very funny Scotty. Now, beam down my clothes."

The only constant in life is change...

 

[ProAm]

In

Setup = Win2K forest, 2 DCs [say A and B] on root of domain and 2 DCs
[say C and D] on a child of that root domain. DC 'A' is the domain
naming operations master, AD throughout, no obvious replication
problems. Symptons are differing SOA serial numbers, i.e. not all DCs
are showing the most recent version [from DC 'A' where edited] of the
zone record.
Question, should the SOA 'primary server' show the FQDN of the local
DC or should/can it be DC 'A' for an AD hosted domain? I note that if
I create a secondary zone e.g. on a child DC with 'A' as the record
master, the transferred zone shows the local DC's FQDN in the primary
server field.

Why? In a nutshell, it's per design.

In a scenario with an AD integrated zone, and tehre are multiple DCs hosting
the zone, the SOA will be in a constant flux. Since *one* of the many
features/benefits of AD integrated zones is it's multimaster feature, then
whenever a record gets added/changed/deleted on any one specific DC, that
specific DC is the SOA for that moment in time. Keep in mind there are
constant changes going on, such as record registrations from workstations,
servers and DCs as well.

282826 - Active Directory-Integrated DNS Zone Serial Number Behavior:
http://support.microsoft.com/?id=282826

Thanks Ace, they were OK so I'll look at the zone permissions and double
check the replications.

 

[Ace Fekay [MVP]]

In

Thanks Ace, they were OK so I'll look at the zone permissions and
double check the replications.

Good to hear. btw- Be careful messing with permissions.

Ace