Empty Root Domain Design

M

Mike Kline

I wanted to see if anyone had any thoughts on our DNS design.

Empty root = Company.com -- Active Directory Integrated Zone

Child Domain = child.company.com -- Active Directory Integrated

Child Domain = child2.company.com -- Active Directory Integrated

Comapany.com will have delegations to the child domain DNS servers.
The child DNS servers will be configured as a secondary zone to the
compay.com zone. This configuration is for fault tolerance and allows
the child name servers to contact the other child without talking to
the root.

Is this overkill? Would the AD Integrated zones transfer the data to
each other or is the secondary zone on the child domains a good idea?

I think Windows 2003 has some better solutions but we are using W2K.

Thanks
Mike
 
A

Ace Fekay [MVP]

In
Mike Kline said:
I wanted to see if anyone had any thoughts on our DNS design.

Empty root = Company.com -- Active Directory Integrated Zone

Child Domain = child.company.com -- Active Directory Integrated

Child Domain = child2.company.com -- Active Directory Integrated

Comapany.com will have delegations to the child domain DNS servers.
The child DNS servers will be configured as a secondary zone to the
compay.com zone. This configuration is for fault tolerance and allows
the child name servers to contact the other child without talking to
the root.
Click to expand...

If you're going to use delegations, it's recommended to forward back to the
parent and not use secondaries. This way any child query can resolve
anything in the whole organization, which is important for replication.
Is this overkill? Would the AD Integrated zones transfer the data to
each other or is the secondary zone on the child domains a good idea?
Click to expand...

Nope. Delegate, then forward back.
I think Windows 2003 has some better solutions but we are using W2K.
Click to expand...

Yes it does with Stub zones, but in this scenario, the delegation will work
fine, W2k or W2k3. Here, read up on it:

255248 - HOW TO Create a Child Domain in Active Directory and Delegate the
DNS Namespace to the Child Domain:
http://support.microsoft.com/?id=255248

(Delegation and Forwarding) - Directing queries through forwarders:
http://www.microsoft.com/technet/tr...DNS_imp_DirectingQueriesThroughForwarders.asp

Thanks
Mike
Click to expand...



--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Empty Root DNS Design 2
AD integrated DNS - Parent Child question 3
transfers / updates between root and child domain 3
Zones disappearing - no idea why - help! 2
Zone x-fer event 6525 "refused" error happens frequently 9
Fix Child Domain DNS prior to adding 2003 DCs 1
After server restart Dns zone is disappears 18
site to site, Parent domain/child domain DNS 3

Top