DNS child domain and delegation

B

Bill

I've been trying to determine the correct configuration of
DNS delegation of a child domain. I have 1 subdomain
(x.transcore.com)and a DNS server on the DC for the
subdomain. I've created a standard primary zone for the
subdomain (x.transcore.com)on the DNS server of the child
domain and have delegated a zone for the child domain from
the parent domain (transcore.com). I read several
articles on the subject that instruct you to create a NS
and A record (glue record) for the child domain in the
parent domain. The problem is there are 2 places to
create the NS record, in the newly created delegated zone
and the parent domain zone properties under the Name
Servers tab. Where should it be added? The other problem
is how do you create an A record for a DNS server with the
domain suffix of x.transcore.com in the transcore.com
zone? When creating the host record the location
(transcore.com) is unable to be altered, grayed out?

thank you,
Bill
 
A

Ace Fekay [MVP]

In
Bill said:
I've been trying to determine the correct configuration of
DNS delegation of a child domain. I have 1 subdomain
(x.transcore.com)and a DNS server on the DC for the
subdomain. I've created a standard primary zone for the
subdomain (x.transcore.com)on the DNS server of the child
domain and have delegated a zone for the child domain from
the parent domain (transcore.com). I read several
articles on the subject that instruct you to create a NS
and A record (glue record) for the child domain in the
parent domain. The problem is there are 2 places to
create the NS record, in the newly created delegated zone
and the parent domain zone properties under the Name
Servers tab. Where should it be added? The other problem
is how do you create an A record for a DNS server with the
domain suffix of x.transcore.com in the transcore.com
zone? When creating the host record the location
(transcore.com) is unable to be altered, grayed out?

thank you,
Bill
Click to expand...

In the parent DNS, go to the delegated record (the gray out folder),
properties, Name Servers tab, and add the additional DNS servers at the
child domain in there.

In the child domain's DNS server, create the x.transcore.com zone,
properties, Nameserver tab should only show the child domain's DNS. Then in
the child domain's DNS properties, Forwarding tab, forward to the parent's
DNS. From the parent's DNS, forward to the ISP.

That's pretty much it, not much to it at all.

Here;s more info on it:

255248 - HOW TO Create a Child Domain in Active Directory and Delegate the
DNS Namespace to the Child Domain:
http://support.microsoft.com/?id=255248

Delegating zones - Glue records and glue chasing:
http://www.microsoft.com/technet/tr...oddocs/server/sag_DNS_imp_DelegatingZones.asp

(Delegation and Forwarding) - Directing queries through forwarders:
http://www.microsoft.com/technet/tr...DNS_imp_DirectingQueriesThroughForwarders.asp


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
B

Bill

So there is no need for that host(A) glue record in the
parent domain then? How will DNS servers in the parent
domain know how to contact the DNS server in the child
domain?

thx again,
Bill
 
K

Kevin D. Goodknecht [MVP]

In Bill <[email protected]> posted a question
Then Kevin replied below:
: So there is no need for that host(A) glue record in the
: parent domain then? How will DNS servers in the parent
: domain know how to contact the DNS server in the child
: domain?
:
When you create the delegation, you have to give both its name and IP
address.
This data will be in the delegation.
 
C

Charlie

I've been dealing with this same sort of thing.
I did everything that you instructed Bill to do, except
for forwarding to the parent domain for this reason: The
two domains are connected over a slow WAN link, relying
on an on-demand VPN connection to communicate. The child
domain DNS server is instead forwarding to the ISP DNS
servers. Also, I have a secondary of the parent domain
on the child domain DNS server (I am using private IP
address ranges, so the parent domain DNS servers aren't
registered on the Internet). This seems to work, but
right now it's only in the test phase. Any comments or
suggestions? Should I instead use your solution and rely
on the VPN connection for resolving Internet names as
well as the parent domain names?
(I am seeing what seems like an unrelated problem on the
child domain DNS server so I will post it separately.)
Thanks
 
A

Ace Fekay [MVP]

In
Charlie said:
I've been dealing with this same sort of thing.
I did everything that you instructed Bill to do, except
for forwarding to the parent domain for this reason: The
two domains are connected over a slow WAN link, relying
on an on-demand VPN connection to communicate. The child
domain DNS server is instead forwarding to the ISP DNS
servers.
Click to expand...

This is the means for the child domain to find other resources in a domain
tree and forest. This is the proper method to make it work. You may get
errors or other things happening on the child domain DNS. One other poster
did it your way and he found his child zone is disappearing on him. Now not
sure if related to this or not, but it seems real fishy to me.

If one follows the proper recommendation, it should work.
Also, I have a secondary of the parent domain
on the child domain DNS server (I am using private IP
address ranges, so the parent domain DNS servers aren't
registered on the Internet). This seems to work, but
right now it's only in the test phase. Any comments or
suggestions? Should I instead use your solution and rely
on the VPN connection for resolving Internet names as
well as the parent domain names?
(I am seeing what seems like an unrelated problem on the
child domain DNS server so I will post it separately.)
Thanks
Click to expand...


I would try to follow the recommendation. FOrward back to the parent, then
the parent to the ISP. This way all things can get resolved in a forest,
especially important for AD. If you're having another problem, please do
post it.


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

DNS delegation not working 11
Child Domain DNS Woes 2
dns zones and domains 5
Child Domain - Deleted Root Hints - Forwarder Needed? 0
DNS Delegations 0
Child domain 10
AD integrated DNS - Parent Child question 3
delegation Zone 10

Top