Zone transfer and AD

  • Thread starter Thread starter danieltan
  • Start date Start date
D

danieltan

The zone transfer tab in DNS, is it for standard primary zone or for AD
integrated zone ? Does AD zone needs it, as i know AD zone will
propogate to all AD dns automatically , right ? Pls advise, thanks

Regards
Daniel
 
The zone transfer tab in DNS, is it for standard primary zone or for AD
integrated zone ?
Click to expand...

For non-AD replication.

It applies to both transfers from this server to any (ordinary)
Secondary -- as such it might be set on any of Primary,
AD-Integrated, or Secondary DNS server and really affects
whether secondaries can do ordinary zone file (type)
transfers.
Does AD zone needs it,
Click to expand...

Only if it has ordinary Secondaries -- or you wish to
use a management console to do "zone listing" (which
count as zone transfers.
as i know AD zone will
propogate to all AD dns automatically , right ? Pls advise, thanks
Click to expand...

It is really more about ALLOW transfers than the
type of server you set it on.

For AD replication it is however irrelevant.
 
Herb, i dun understand the last paragraph you mentioned that "It is
really more about ALLOW transfers than the type of server you set it
on.
For AD replication it is however irrelevant. "

I was asking whether AD integrated zone by default will always
propogate itself to other DNS, and you say depends on server , but last
sentence you mentioned it is irrelevant.

Regards
Daniel
 
Herb, i dun understand the last paragraph you mentioned that "It is
really more about ALLOW transfers than the type of server you set it
on.
For AD replication it is however irrelevant. "
Click to expand...

Re-read the whole thing carefully and ask me an inline question.

You can allow or deny zone transfers from ANY type of server.

You MUST allow zone transfers IF you have any Seconaries.

Zone transfers are more about having Secondaries dependent
on this server than the type of server where you set it.

Do you know that a Secondary and use another Secondary for
it's Master?

(Many people think that only a Primary can be master. That's
wrong.)

Do you know that even AD-Integrated DNS servers can have
secondaries that use them for their master?
I was asking whether AD integrated zone by default will always
propogate itself to other DNS,
Click to expand...

Yes, I answered this too. You need to re-read the entire
response.

But the key is the REPLICATION type -- not the server type
where you set it.

AD-Replication of DNS is NOT dependent on that setting.

BUT an AD-DNS server may need that to supply zone
transfers for some Secondary DNS.
and you say depends on server , but last
sentence you mentioned it is irrelevant.
Click to expand...

AD Replication is not affected BUT some DC-DNS servers
may need the setting.

The two are NOT in conflict. You are probably making
assumptions that make it SEEM in conflict (your original
question indicated this as well.)

I was trying to both answer the question and point out the
incorrect assumptions.
 
The zone transfer tab in DNS, is it for standard primary zone or for
AD integrated zone ? Does AD zone needs it, as i know AD zone will
propogate to all AD dns automatically , right ? Pls advise, thanks

Regards
Daniel
Click to expand...

One simple way to put it: An AD Integrated zone will "act" like a Primary
zone for any Secondary zones you want. That setting will allow or disallow
transfers to the Secondary zone. Zone transfers have NOTHING TO DO WITH AD
Integration. It's whether you want to allow a zone transfer to a secondary.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Paramount: What's up with taking Enterprise off the air??
Infinite Diversities in Infinite Combinations.
=================================
 
Back
Top