What do I answer?


Hopefully I've got the right place? I was looking for a group specifically for Win2k3 DNS questions,
so if I've overlooked it please pardon me. Although, it probably doesn't matter for my particular question.
It probably has been asked and answered before, but here goes.

When installing DNS on a server that will be promoted to the first DC, when the wizard
asks if this will be an Active Directory-Integrated or Primary, what do I answer?
 
You should answer Active Directory Integrated zone.
Windows NT 4 used to use Primary and Secondary zone but
as of Windows 2000 and Windows 2003 you should select
Integrated zone because of dynamic updates.

Urvish
-----Original Message-----
Hopefully I've got the right place? I was looking for a
group specifically for Win2k3 DNS questions,
so if I've overlooked it please pardon me. Although, it
probably doesn't matter for my particular question.
 
In
Urvish Trivedi said:
You should answer Active Directory Integrated zone.
Windows NT 4 used to use Primary and Secondary zone but
as of Windows 2000 and Windows 2003 you should select
Integrated zone because of dynamic updates.

Urvish

Well, just to add, and to correct your statement, it doesn't matter whether
the zone is AD Integrated or a Primary or a Secondary in W2k or W2k3.
Dynamic Updates is still an available option. If it's a secondary zone, the
client will query the MNAME in the record to find the Master (which is the
Primary) and the registration request will be sent there.

Now as far as the original question, it's a matter of personal and design
choice. Most of the time we'll use the AD Integrated option. See DNS servers
store their data in a number of different ways. The most familiar way is as
a text file in system32\dns on a Windows machine using a Primary or
Secondary zone (any Windows DNS service). Some other DNS services (non
Windows) may even use SQL to store data. Future Windows systems, as a matter
of fact, will be SQL based.

AD Integrated zones happen to store their data in the actual physical Active
Directory database, specifically in the Domain NC partition, one of 2
"logical" partitions in the physical database. The AD Integrated option is
ONLY available on a DNS server that's installed on a DC only.

The advantages are many. One is you have a Secure Dynamic Updates option
where it only allows updates from clients that are joined to the domain
and no others. Another advantage, since it's in the AD database, it
will replicate automatically to other DCs in the same domain (on W2k) or to
other DCs in different domains (a new option in W2k3 using "Application
Partitions"). This eliminates the need for Primary and secondary zones.
Another option, if using more than one DC/DNS server, is that each DNS
server with an AD Integrated zone acts as a Master, so you have in essence,
a multi master DNS design - you can change or add records on any one of them
and they get replicated automatically so the others "see" the changes.

Hope that helps.



--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
----- Ace Fekay [MVP] wrote: -----

In
Urvish Trivedi said:
You should answer Active Directory Integrated zone.
Windows NT 4 used to use Primary and Secondary zone but
as of Windows 2000 and Windows 2003 you should select
Integrated zone because of dynamic updates.

Now as far as the original question, it's a matter of personal and design
choice...

The AD Integrated option is ONLY available on a DNS server
that's installed on a DC only...



Hope that helps.



--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
--
=================================

Thanks for the info. Although I do have a clarifying question for you Ace.

"The AD Integrated option is ONLY available on a DNS server that's
installed on a DC only."

I've always installed DNS along with AD, but I decided to use the
correct method this time. That is, installing DNS first, verifying that
everything is working fine, then turn that DNS server into a Domain
Controller. If I understand the quoted statement above, I won't have
this option when I first install DNS? If that's true, is there a way to
turn this NOW DC into AD-Integrated?

Thanks again
 
In
Hodgepodge said:
Thanks for the info. Although I do have a clarifying question for
you Ace.

"The AD Integrated option is ONLY available on a DNS server
that's installed on a DC only."

I've always installed DNS along with AD, but I decided to use the
correct method this time. That is, installing DNS first,
verifying that everything is working fine, then turn that DNS
server into a Domain Controller. If I understand the quoted
statement above, I won't have this option when I first install
DNS? If that's true, is there a way to turn this NOW DC into
AD-Integrated?

Thanks again

That is true, you don't have the option. But what is nice is that once
dcpromo sees the zone already exists as a Primary, and if it's the first DC
installed in a domain, it will automatically make it AD Integrated for you.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
In
Hodgepodge said:
Sounds perfect Ace!

Thanks again for the info.

No prob.
;-)

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 