Announcement

Collapse
No announcement yet.

DNS in Singe Forest Single Domain Model

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • DNS in Singe Forest Single Domain Model

    Hi,

    My scenario is I've three sites one is central site and two are regional , I'm going to design and deploy AD single forest single domain model on windows 2008 platform. On each site I'm going to place an ADC with GC+DNS role and going to delegate rights to my regional IT admins though the OU. My forest domain name is let suppose "abc.com"

    Now my question is what would be the DNS design for my regional sites in single AD model, should I create primary zone with the name of "abc.com" on my ADCs at each site or secondary zone?

    Incase of primary zone how I can delegate rights to my regional admins so that they should be able to add/delete record of their own region.

    Thanks,

  • #2
    Re: DNS in Singe Forest Single Domain Model

    If deploying a single forest, single domain, then you can only have one DNS primary zone. Therefore there are no 'regional' zones, all the admins will have to admin the same DNS zone.

    If you want regional DNS zone, then you need to change to a 3 domain setup, a parent domain and two child domains. Then you can delegate all admin to each of the child domains.

    Comment


    • #3
      Re: DNS in Singe Forest Single Domain Model

      You means in a single domain model I should create a Primary zone on my HQ site and secondary zones on each other site, but the problem is on my each site there are more than 500 computers and as the secondary zone is a read only zone it would not be authoritative to registered srv record and as a result all computers dns traffic will be routed to my HQ site.

      Comment


      • #4
        Re: DNS in Singe Forest Single Domain Model

        No; what he meant was to deploy 3 x AD domains within your forest (1 parent & 2 child). Eg. if your primary domain is abc.com then your regional domains (or subdomains) should be 123.abc.com & 456.abc.com. Once you have done that, you can delegate those subdomains (123 & 456) to your local IT admins. I hope it makes sense to you now.

        Comment


        • #5
          Re: DNS in Singe Forest Single Domain Model

          Yes I'm very much clear about child domain structure but is there any way to achive this in a single domain model?

          I've read lots of Microsoft articles and discuss with many peaoples and all are saying that the single model is best due to its simplicity and our company also wanna move on this model to reduce exchange server deployment complexity.

          Comment


          • #6
            Re: DNS in Singe Forest Single Domain Model

            You could use AD integrated zones and then delegate management to the site administrators by editing the the DACL of the zone which is stored in AD.
            http://technet.microsoft.com/en-us/l...38(WS.10).aspx
            Caesar's cipher - 3

            ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

            SFX JNRS FC U6 MNGR

            Comment

            Working...
            X