Start of Authority and Zone Transfers

Guest

I have two W2K domain controllers in a single W2K native mode domain.

I noticed something in DNS today that I don't think is correct and it may
explain some minor quirks.

In my domain's zone entry (let's just call it domain.com) on Server1, I have
'server1.domain.com' listed as the start of authority. On the zone
properties page for domain.com on Server2, I have 'server2.domain.com'
listed as the start of authority.

In other words, for the same zone on each DNS server, I have the DC
listing itself as the SOA.

The first question is, should I not be listing the other server as the
Start of Authority? Should Server1 list Server2 as its SOA and vice versa?

The second question is should I list both name servers (Server1 and
Server2) in the Zone Transfers tab. Currently, it is not configured. What,
exactly, would it do if I did activate Zone Transfers?

Thanks for taking the time to read this. Any and all ideas are welcome.
 
Sean Siler

It sounds like that is exactly what you need.

Assuming the two DNS servers are in the same domain (which I assume they
are) they should have identical information.

The way that should have happened was to set up the zone on the first DNS
server, then have the second DNS server replicate the info from the first
(via zone transfer).

It sounds like someone set up the second DNS server with a separate zone
having the same name, which will cause lots and lots and lots of problems.

I would recommend checking all your clients and servers to ensure they are
pointed to the first DNS, then remove DNS from the second server. (Run
dcdiag /fix from the existing DCs to make sure they re-register their
records with the first DNS.) Then re-add DNS to the second box, and ensure
you have it join the existing zone as a secondary.

Unfortunately, just adding the second box to the Zone Transfer tab will not
fix the issues.
 
Deji Akomolafe

There is nothing to fix here. The DNS servers are peers and each one
considers itself authoritative for that zone. I am assuming that this zone
is AD-integrated. So, here there is no Primary/Secondary. What you see is
by design and should cause no issue.

--
Sincerely,

Dèjì Akómöláfé, MCSE MCSA MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - COMPLETE SPAM Protection
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
 
