If the sending DNS server(WIn2k3 upgraded from win2k), a
subdomain, sends it's Zone file to the main, root, DNS
server(Unix), and the zone is Active Directory
Integrated, is there any reason the Unix box would
receive errors or fail to keep the zone file loaded? It
sometimes gets errors and at others, it receives zone
transfer. Is it necessary to send any zone file transfer
once you start pulling your own in? Is there any reason
to forward to root, especially if you have root hints
still installed?

In news:b4b001c43784$fa61f130$(E-Mail Removed),
KJ <(E-Mail Removed)> posted their thoughts, then I
offered mine
> If the sending DNS server(WIn2k3 upgraded from win2k), a
> subdomain, sends it's Zone file to the main, root, DNS
> server(Unix), and the zone is Active Directory
> Integrated, is there any reason the Unix box would
> receive errors or fail to keep the zone file loaded? It
> sometimes gets errors and at others, it receives zone
> transfer. Is it necessary to send any zone file transfer
> once you start pulling your own in? Is there any reason
> to forward to root, especially if you have root hints
> still installed?


Doesn't sound like the ideal scenario. If you have child domains, the best
practice and recommendation is to use delegation from the DNS server hosting
the parent zone to the child DNS servers hosting the child zone. Then use a
forwarder back to the parent DNS.

AD Integrated zones act like a Primary zone for zone transfers, so I can't
remember any issues between BIND and MS DNS. I woiuld just insure there are
no firewalls in between and that zone transfers are allowed, maybe even try
specifically to the IP, or allow all.

I wouldn't alter the Root hints, that just complicates matters when
diagnosing and is not necessarily recommended. Just use the forwarders. If
already using Root Hints, then no forwarder is required. But would rather
see you use forwarding.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================

Started out supposedly being delegated, but the new
Internal network (behind firewall) needed a push to it so
went with zone transfer, then lost any delegation it
seemed because local web sites were not found, then after
receiving a zone transfer, it starts working. There still
are some glitches that users are not getting past Citrix
Nfuse site into that domain even though there are zone
files available on both sides now.

>-----Original Message-----
>In news:b4b001c43784$fa61f130$(E-Mail Removed),
>KJ <(E-Mail Removed)> posted their
thoughts, then I
>offered mine
>> If the sending DNS server(WIn2k3 upgraded from win2k),
a
>> subdomain, sends it's Zone file to the main, root, DNS
>> server(Unix), and the zone is Active Directory
>> Integrated, is there any reason the Unix box would
>> receive errors or fail to keep the zone file loaded? It
>> sometimes gets errors and at others, it receives zone
>> transfer. Is it necessary to send any zone file
transfer
>> once you start pulling your own in? Is there any reason
>> to forward to root, especially if you have root hints
>> still installed?
>
>
>Doesn't sound like the ideal scenario. If you have child
domains, the best
>practice and recommendation is to use delegation from
the DNS server hosting
>the parent zone to the child DNS servers hosting the
child zone. Then use a
>forwarder back to the parent DNS.
>
>AD Integrated zones act like a Primary zone for zone
transfers, so I can't
>remember any issues between BIND and MS DNS. I woiuld
just insure there are
>no firewalls in between and that zone transfers are
allowed, maybe even try
>specifically to the IP, or allow all.
>
>I wouldn't alter the Root hints, that just complicates
matters when
>diagnosing and is not necessarily recommended. Just use
the forwarders. If
>already using Root Hints, then no forwarder is required.
But would rather
>see you use forwarding.
>
>--
>Regards,
>Ace
>
>Please direct all replies to the newsgroup so all can
benefit.
>This posting is provided "AS-IS" with no warranties and
confers no
>rights.
>
>Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
>Microsoft Windows MVP - Active Directory
>
>HAM AND EGGS: A day's work for a chicken; A lifetime
commitment for a
>pig. --
>=================================
>
>
>.
>

In news:bb7c01c43810$c7737000$(E-Mail Removed),
KJ <(E-Mail Removed)> posted their thoughts, then I
offered mine
> Started out supposedly being delegated, but the new
> Internal network (behind firewall) needed a push to it so
> went with zone transfer, then lost any delegation it
> seemed because local web sites were not found, then after
> receiving a zone transfer, it starts working. There still
> are some glitches that users are not getting past Citrix
> Nfuse site into that domain even though there are zone
> files available on both sides now.
>

I cannot see how a delegation can be lost, if that is what you're hinting
at. A delegation just has pointers for the parent DNS to know what DNS
server hosts the child zone, so there is no zone transfers in a delegation
scenario.


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================