Zone transfers fail if (same as parent domain) exists?


John T

I'm having a problem where my zone transfers fail...

Server A is a Windows 2000 Domain Controller with DNS (AD integrated
my domain, as well as numerous non-AD primary zones).

Server B is a Windows 2000 member server with DNS (secondary of my
domain).

Server C is a Windows 2003 domain controller with DNS (AD integrated
my domain).

All the non-AD primary zones on A have (same as parent domain) host
records so that people can resolve blah.tld as well as www.blah.tld.
BUT, if that record exists, transfers to B and C fail!

What can I do? Is the (same as parent domain) record the wrong way to
get people resolving blah.tld to an IP??

Thank you!
 

Ace Fekay [MVP]

John T said:

> I'm having a problem where my zone transfers fail...
>
> Server A is a Windows 2000 Domain Controller with DNS (AD integrated
> my domain, as well as numerous non-AD primary zones).
>
> Server B is a Windows 2000 member server with DNS (secondary of my
> domain).
>
> Server C is a Windows 2003 domain controller with DNS (AD integrated
> my domain).
>
> All the non-AD primary zones on A have (same as parent domain) host
> records so that people can resolve blah.tld as well as www.blah.tld.
> BUT, if that record exists, transfers to B and C fail!
>
> What can I do? Is the (same as parent domain) record the wrong way to
> get people resolving blah.tld to an IP??
>
> Thank you!

That is actually the correct way. Matter of fact, your domain controller
will register that record to identify itself. It's used by AD functionality,
such as how to find the DC so it can find Sysvol for replication, GPO
applying, and DFS. If the record for the actual DC is altered, it will cause
issues, since this record is automatically registered by the Netlogon
service. If you alter the record, you may see it disappearing and the DC's
record gets put back in. Since you have two DCs, they will both register
their records, so it will look like:

(same as parent) A IpAddressOfDc1
(same as parent) A IpAddressOfDc2

This is just one reason why it's difficult to use an AD DNS server to host
multiple domains for public use. If you have two DCs in the same domain and
with DNS installed hosting the same zone, make both of them AD Integrated.
If you want to host multiple zones for website purposes, and such, I suggest
getting a separate stand-alone DNS server just for that purpose.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
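An added diagnostic, not part of the thread, that checks the situation Ace describes from the DNS server side: for every file-backed (non-AD-integrated) primary zone on the primary it lists the apex "(same as parent)" A records, flags the ones that point at a domain controller, and compares the SOA serial seen on each secondary with the primary's to show which zones are not transferring. It assumes the DnsServer PowerShell module (Windows Server 2012 or later) on the primary; the server names and AD domain name are placeholders.

```powershell
# Added diagnostic; not from the thread. Assumes the DnsServer module
# (Windows Server 2012 or later) and remoting access to the primary.
# Server names and the AD domain name below are placeholders.
$Primary     = 'serverA.corp.example'
$Secondaries = @('serverB.corp.example', 'serverC.corp.example')
$AdDomain    = 'corp.example'

# Apex A records of the AD domain are the ones Netlogon registers for
# each DC; use them to recognise apex records that belong to AD.
$DcAddresses = Resolve-DnsName -Name $AdDomain -Type A -Server $Primary -ErrorAction Stop |
    Where-Object { $_.Type -eq 'A' } | ForEach-Object { $_.IPAddress }

# Only file-backed (non-AD-integrated) forward primary zones are of interest.
$zones = Get-DnsServerZone -ComputerName $Primary | Where-Object {
    $_.ZoneType -eq 'Primary' -and -not $_.IsDsIntegrated -and
    -not $_.IsAutoCreated -and -not $_.IsReverseLookupZone
}

foreach ($zone in $zones) {
    $name = $zone.ZoneName

    # "(same as parent)" records are the zone apex, node name '@'.
    $apex = Get-DnsServerResourceRecord -ComputerName $Primary -ZoneName $name `
                -RRType A -Name '@' -ErrorAction SilentlyContinue |
            ForEach-Object { $_.RecordData.IPv4Address.IPAddressToString }
    $apexOnDc = @($apex | Where-Object { $DcAddresses -contains $_ })

    $primarySerial = (Resolve-DnsName -Name $name -Type SOA -Server $Primary |
                      Where-Object { $_.Type -eq 'SOA' }).SerialNumber

    foreach ($sec in $Secondaries) {
        # A secondary that never completed a transfer has no SOA to return.
        $soa = Resolve-DnsName -Name $name -Type SOA -Server $sec -ErrorAction SilentlyContinue |
               Where-Object { $_.Type -eq 'SOA' }
        $secSerial = if ($soa) { $soa.SerialNumber } else { $null }
        $status = if (-not $soa) { 'no SOA on secondary (transfer never completed?)' }
                  elseif ($secSerial -ne $primarySerial) { 'serial mismatch (transfer lagging or failing)' }
                  else { 'in sync' }

        [pscustomobject]@{
            Zone            = $name
            Secondary       = $sec
            PrimarySerial   = $primarySerial
            SecondarySerial = $secSerial
            ApexA           = ($apex -join ', ')
            ApexPointsAtDC  = ($apexOnDc.Count -gt 0)
            Status          = $status
        }
    }
}
```

Zones reported with ApexPointsAtDC set to True are the ones whose apex record Netlogon will keep overwriting, which is the case for moving public zones to a stand-alone DNS server.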
 
