Zone Transfer between Novell DNS and MS DNS.

bushman

I have Novell DNS, and we recently set up MS DNS on our Win2k3 Domain
controllers. All the client machines point to Novell DNS as their
primary provider. We are transferring the Novell Primary zones to
secondary zones on the Windows servers.

We have run into a snag though. We have one Reverse lookup zone that
exists in Novell and Windows and both show the zone as a primary
zone. The Windows reverse lookup zone is also AD integrated. The AD
integrated reverse zone is not complete and it causes resolution
failures when we try to do reverse lookups. Is there a way to perform
a zone transfer to the AD integrated zone and not lose any entries?
 
Ace Fekay [MVP]

bushman said:
I have Novell DNS, and we recently set up MS DNS on our Win2k3 Domain
controllers. All the client machines point to Novell DNS as their
primary provider. We are transferring the Novell Primary zones to
secondary zones on the Windows servers.

We have run into a snag though. We have one Reverse lookup zone that
exists in Novell and Windows and both show the zone as a primary
zone. The Windows reverse lookup zone is also AD integrated. The AD
integrated reverse zone is not complete and it causes resolution
failures when we try to do reverse lookups. Is there a way to perform
a zone transfer to the AD integrated zone and not lose any entries?

AD Integrated zones act and behave as Primary zones, along with additional
features that go above and beyond the RFCs. Therefore an AD Integrated zone
CANNOT be a secondary, however it can act as a Master for secondaries. You
have to think of AD integrated zones as Primaries/Masters. You will have to
make a choice as to which way to go with this.

IMHO, honestly for security reasons, I would recommend using MS DNS as the
focal point. AD integrated zones are much more secure since the data is
physically stored in the AD database and not as a text file, such as a
traditional Primary or Secondary zone. Such zone data may be exposed to
corruption if someone had inadvertent access to the data. You also have the
ability to allow secure updates from only machines that are joined to the
domain. I'm not sure what version of Novell DNS you are using, but I am
assuming it supports SRV records, which AD requires.


--
Regards,
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Directory Services
Microsoft Certified Trainer

Infinite Diversities in Infinite Combinations

Having difficulty reading or finding responses to your post?
Instead of the website you're using, try using OEx (Outlook Express
or any other newsreader), and configure a news account, pointing to
news.microsoft.com. Anonymous access. It's free - no username or password
required nor do you need a Newsgroup Usenet account with your ISP. It
connects directly to the Microsoft Public Newsgroups. OEx allows you
to easily find, track threads, cross-post, sort by date, poster's name,
watched threads or subject. It's easy:

How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164

"Quitting smoking is easy. I've done it a thousand times." - Mark Twain
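
Since the reverse zone exists as a primary on both servers and the AD-integrated copy cannot pull a transfer, one way to avoid losing entries is to diff the two copies before choosing which server stays authoritative. The following is an added example, not code from the thread; it assumes each copy has been exported to standard master-file text, and the zone name, host names, and function names are constructed for illustration.

```python
import re

ZONE = "1.168.192.in-addr.arpa."  # zone name and both exports are constructed samples
NOVELL_EXPORT = """\
@   IN SOA ns1.example.test. admin.example.test. ( 42 3600 600 86400 3600 )
10  IN PTR host10.example.test.
11  IN PTR host11.example.test.
12  IN PTR host12.example.test.
"""
AD_EXPORT = """\
$ORIGIN 1.168.192.in-addr.arpa.
10  3600 IN PTR host10.example.test.
12  IN PTR oldname.example.test.  ; stale name
13  IN PTR dc1.example.test.
"""
# Optional owner, then TTL and class in either order, then PTR and its target.
PTR_RE = re.compile(r"^(\S+)?\s+(?:\d+\s+)?(?:IN\s+)?(?:\d+\s+)?PTR\s+(\S+)", re.I)

def fqdn(name, origin):
    """Qualify a relative name (or '@') against the current origin."""
    name = origin if name == "@" else name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_ptrs(text, zone):
    """Return {owner FQDN: set of PTR targets} from master-file text."""
    origin, last_owner, records = zone.lower(), None, {}
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()  # drop comments
        if line.upper().startswith("$ORIGIN"):
            origin = fqdn(line.split()[1], origin)
        elif line and not line[0].isspace() and not line.startswith("$"):
            last_owner = fqdn(line.split()[0], origin)  # blank owners inherit this
        m = PTR_RE.match(line)
        if m and last_owner:
            records.setdefault(last_owner, set()).add(fqdn(m.group(2), origin))
    return records

def compare(novell, ad):
    """Split owners into: missing from AD, conflicting targets, present only in AD."""
    missing = {o: novell[o] for o in novell.keys() - ad.keys()}
    conflict = {o: (novell[o], ad[o]) for o in novell.keys() & ad.keys() if novell[o] != ad[o]}
    ad_only = {o: ad[o] for o in ad.keys() - novell.keys()}
    return missing, conflict, ad_only

if __name__ == "__main__":
    novell, ad = parse_ptrs(NOVELL_EXPORT, ZONE), parse_ptrs(AD_EXPORT, ZONE)
    labels = ("missing from AD", "conflicting", "only in AD")
    for label, part in zip(labels, compare(novell, ad)):
        print(f"{label}: {sorted(part)}")
```

The "only in AD" set matters as much as the missing one: those records exist nowhere else and would be lost if the AD-integrated zone were deleted and recreated from the Novell data.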
 
