dns zones and domains

houghtp · External Since: Jun 29, 2007 Posts: 5

Hi could sombody clear this up for me.

at work have a dedicated root ad domain root.net with its dns zone
root.net, and then have a child ad domain child.root.net with its own
dns zone child.root.net. why would this not have been configured so
the root dns domain delegated a new dns domain for the child domain,
why would a new zone have been created instead

thanks?

Kevin D. Goodknech1 · External Since: Jun 20, 2004 Posts: 1397

Read inline please.

In news:1183129231.981043.318610@o61g2000hsh.googlegroups.com,
houghtp <paul.houghton.RemoveThis@britvic.co.uk> typed:
> Hi could sombody clear this up for me.
>
> at work have a dedicated root ad domain root.net with its dns zone
> root.net, and then have a child ad domain child.root.net with its own
> dns zone child.root.net. why would this not have been configured so
> the root dns domain delegated a new dns domain for the child domain,
> why would a new zone have been created instead

You questions are very confusing. The normal way this is done is to have
child DCs holding the child.root.net zone and the Root DCs holding the
root.net zone. Then so the root.net DNS servers can resolve names in the
child.root.net zone, which are on different DCs you should have a delegation
named child in the root.net zone. This delegation should have NS records for
the child DCs, and the child DCs would have a Conditional forwarder, Stub
zone or secondary zone for root.net.
Your questions make it unclear as to what you have.

--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps

===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================

houghtp · External Since: Jun 29, 2007 Posts: 5

On 29 Jun, 21:03, "Kevin D. Goodknecht Sr. [MVP]"
<a....RemoveThis@nospam.WFTX.US> wrote:
> Read inline please.
>
> Innews:1183129231.981043.318610@o61g2000hsh.googlegroups.com,
> houghtp <paul.hough....RemoveThis@britvic.co.uk> typed:
>
> > Hi could sombody clear this up for me.
>
> > at work have a dedicated root ad domain root.net with its dns zone
> > root.net, and then have a child ad domain child.root.net with its own
> > dns zone child.root.net. why would this not have been configured so
> > the root dns domain delegated a new dns domain for the child domain,
> > why would a new zone have been created instead
>
> You questions are very confusing. The normal way this is done is to have
> child DCs holding the child.root.net zone and the Root DCs holding the
> root.net zone. Then so the root.net DNS servers can resolve names in the
> child.root.net zone, which are on different DCs you should have a delegation
> named child in the root.net zone. This delegation should have NS records for
> the child DCs, and the child DCs would have a Conditional forwarder, Stub
> zone or secondary zone for root.net.
> Your questions make it unclear as to what you have.
>
> --
> Best regards,
> Kevin D. Goodknecht Sr. [MVP]
> Hope This Helps
>
> ===================================
> When responding to posts, please "Reply to Group"
> via your newsreader so that others may learn and
> benefit from your issue, to respond directly to
> me remove the nospam. from my email address.
> ===================================http://www.lonestaramerica.com/http://support.wftx.us/http://message.wftx.us/
> ===================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and morehttp://home.in.tum.de/~jain/software/oe-quotefix/
> ===================================
> Keep a back up of your OE settings and folders
> with OEBackup:http://www.oehelp.com/OEBackup/Default.aspx
> ===================================

Hi Kevin thanks for the reply. i realised my question was confusing
after i posted it (apologies for that) i got mixed up with domains and
zones but i think i've answered some of my own questions - but i have
1 remaining.
we have as I said a root zone and a child zone but there doesn't seem
to be any delegation configured but, all zones are set to replicate to
all dc's in the forest, so child zone and root zone appear on dc's in
both the root and child domains. that fact that this replication is
present is this negating the need for delegation to be set up as the
root servers can resolve names in the child zone because they are
hosting the child zone as well as there own? we do have forwarders set
up back to the root zone form the child.

houghtp · External Since: Jun 29, 2007 Posts: 5

On Jun 29, 9:03 pm, "Kevin D. Goodknecht Sr. [MVP]"
<a... RemoveThis @nospam.WFTX.US> wrote:
> Read inline please.
>
> Innews:1183129231.981043.318610@o61g2000hsh.googlegroups.com,
> houghtp <paul.hough... RemoveThis @britvic.co.uk> typed:
>
> > Hi could sombody clear this up for me.
>
> > at work have a dedicated root ad domain root.net with its dns zone
> > root.net, and then have a child ad domain child.root.net with its own
> > dns zone child.root.net. why would this not have been configured so
> > the root dns domain delegated a new dns domain for the child domain,
> > why would a new zone have been created instead
>
> You questions are very confusing. The normal way this is done is to have
> child DCs holding the child.root.net zone and the Root DCs holding the
> root.net zone. Then so the root.net DNS servers can resolve names in the
> child.root.net zone, which are on different DCs you should have a delegation
> named child in the root.net zone. This delegation should have NS records for
> the child DCs, and the child DCs would have a Conditional forwarder, Stub
> zone or secondary zone for root.net.
> Your questions make it unclear as to what you have.
>
> --
> Best regards,
> Kevin D. Goodknecht Sr. [MVP]
> Hope This Helps
>
> ===================================
> When responding to posts, please "Reply to Group"
> via your newsreader so that others may learn and
> benefit from your issue, to respond directly to
> me remove the nospam. from my email address.
> ===================================http://www.lonestaramerica.com/http://support.wftx.us/http://message.wftx.us/
> ===================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and morehttp://home.in.tum.de/~jain/software/oe-quotefix/
> ===================================
> Keep a back up of your OE settings and folders
> with OEBackup:http://www.oehelp.com/OEBackup/Default.aspx
> ===================================

HI Kevin thanks for the reply. I realised my post was confusing after
i posted it, should have removed it really and started again.

i actually answered my oorigional question by doing some research, i
think i got mixed up with zones and domains. But i do have one more
question.

as i posted previously we have a root\child domain set up, each with
its own dns zone. But, there doesn't seem to be any delegation
configured from the root to the child. the thing is everything seems
to work ok. is this because all our zones are set to replicate to all
dc's in the forest, so therefore servers in the root domain host both
the root zone and the child zone and therefore can resolve names for
the child domain because they host the child zone. if this is the case
why would you ever bother confuguring delegation?

we do have forwarders configured from child to root.

i hope i've explained my self more clearly..

Kevin D. Goodknech1 · External Since: Jun 20, 2004 Posts: 1397

Read inline please.

In news:1183217920.350470.230860@o61g2000hsh.googlegroups.com,
houghtp <paul.houghton RemoveThis @britvic.co.uk> typed:

> HI Kevin thanks for the reply. I realised my post was confusing after
> i posted it, should have removed it really and started again.
>
> i actually answered my oorigional question by doing some research, i
> think i got mixed up with zones and domains. But i do have one more
> question.
>
> as i posted previously we have a root\child domain set up, each with
> its own dns zone. But, there doesn't seem to be any delegation
> configured from the root to the child. the thing is everything seems
> to work ok. is this because all our zones are set to replicate to all
> dc's in the forest, so therefore servers in the root domain host both
> the root zone and the child zone and therefore can resolve names for
> the child domain because they host the child zone. if this is the case
> why would you ever bother confuguring delegation?
>
> we do have forwarders configured from child to root.
>
> i hope i've explained my self more clearly..

If there is both Root Domain Zones and separate Child domain zones on all
servers, the Delegation should still be present. Because the child domain
records would or could be able to be located in two different zones on the
same server, causing the possibility of having two copies of the child
domain records.
If the Child domain is delegated, it places all the child records in one
zone. It also keeps the security of each zone separate of the other.

--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps

===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================

houghtp · External Since: Jun 29, 2007 Posts: 5

On Jun 30, 9:39 pm, "Kevin D. Goodknecht Sr. [MVP]"
<a....TakeThisOut@nospam.WFTX.US> wrote:
> Read inline please.
>
> Innews:1183217920.350470.230860@o61g2000hsh.googlegroups.com,
> houghtp <paul.hough....TakeThisOut@britvic.co.uk> typed:
>
>
>
>
>
> > HI Kevin thanks for the reply. I realised my post was confusing after
> > i posted it, should have removed it really and started again.
>
> > i actually answered my oorigional question by doing some research, i
> > think i got mixed up with zones and domains. But i do have one more
> > question.
>
> > as i posted previously we have a root\child domain set up, each with
> > its own dns zone. But, there doesn't seem to be any delegation
> > configured from the root to the child. the thing is everything seems
> > to work ok. is this because all our zones are set to replicate to all
> > dc's in the forest, so therefore servers in the root domain host both
> > the root zone and the child zone and therefore can resolve names for
> > the child domain because they host the child zone. if this is the case
> > why would you ever bother confuguring delegation?
>
> > we do have forwarders configured from child to root.
>
> > i hope i've explained my self more clearly..
>
> If there is both Root Domain Zones and separate Child domain zones on all
> servers, the Delegation should still be present. Because the child domain
> records would or could be able to be located in two different zones on the
> same server, causing the possibility of having two copies of the child
> domain records.
> If the Child domain is delegated, it places all the child records in one
> zone. It also keeps the security of each zone separate of the other.
>
> --
> Best regards,
> Kevin D. Goodknecht Sr. [MVP]
> Hope This Helps
>
> ===================================
> When responding to posts, please "Reply to Group"
> via your newsreader so that others may learn and
> benefit from your issue, to respond directly to
> me remove the nospam. from my email address.
> ===================================http://www.lonestaramerica.com/http://support.wftx.us/http://message.wftx.us/
> ===================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and morehttp://home.in.tum.de/~jain/software/oe-quotefix/
> ===================================
> Keep a back up of your OE settings and folders
> with OEBackup:http://www.oehelp.com/OEBackup/Default.aspx
> ===================================- Hide quoted text -
>
> - Show quoted text -
thanks for clearing that up Kevin