Subject: RE: [ActiveDir] DNS Replication settings in root/child forest domains

Posted by TG on 06/29/2012 10:01 PM
I remember seeing the error in one of the test environments a while ago. I do not recall what caused it and how we resolved it. It is not a result of the scope definition, just a configuration issue.

We do have a similar setup and when the option became available, we moved the _msdcs.root to the All DNS servers in the forest. The rationale behind it was that Domain Controllers around the world will not have to come back to the location of the root domain Domain Controllers.

Thank you, Tony.

BlackBerry users appreciate conference call information in this format:
123-456-7890x12345678#
That allows us to just click on it and bypass entering the passcode manually.

Tony Gordon | Identity Management & Simplified Authentication
MCITP:EA, Windows 2003 & 2008 MCSE, Windows 2003 MCSA, PMP
Tel: +18478837892
tony dot gordon at aonhewitt.com | aon.com

From: activedir-owner@xxxxxxxxxxxxxxxx [mailto:activedir-owner@xxxxxxxxxxxxxxxx] On Behalf Of Al Rose
Sent: Friday, June 29, 2012 7:35 AM
To: activedir@xxxxxxxxxxxxxxxx
Subject: [ActiveDir] DNS Replication settings in root/child forest domains

Hi,

We are running a forest with a root domain (placeholder, nothing running there really) and a child domain (CORP domain with all users, servers, ...).

What are the recommended DNS replication settings for this scenario?

All the root DCs have DNS installed. We have a forward lookup zone called acme.local, this is AD-Integrated and we have a DNS domain called corp.acme.local.

Looking at DNS properties on root DCs, I see that the replication scope is set to All DNS servers in this domain.
Looking at DNS properties on child DCs, I see that the replication scope is set to All domain controllers in Active Directory Domain.

Are there better replication settings for this setup?

I am asking because I am running into the following error I get on DCs' DNS logs in the root domain:

The zone acme.local was previously loaded from the directory partition DomainDnsZones.acme.local but another copy of the zone has been found in directory partition ForestDnsZones.acme.local. The DNS Server will ignore this new copy of the zone. Please resolve this conflict as soon as possible.

If an administrator has moved this zone from one directory partition to another this may be a harmless transient condition. In this case, no action is necessary. The deletion of the original copy of the zone should soon replicate to this server.

If there are two copies of this zone in two different directory partitions but this is not a transient caused by a zone move operation then one of these copies should be deleted as soon as possible to resolve this conflict.

To change the replication scope of an application directory partition containing DNS zones and for more details on storing DNS zones in the application directory partitions, please see Help and Support.
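
The condition the event text above describes (one zone stored in two directory partitions) can be checked with a read-only query. This PowerShell is an added example, not from the thread or either poster; it assumes the ActiveDirectory module is available and that it is run in the domain whose zones are being checked, and the filter that skips `RootDNSServers` and names starting with `..` is an assumption about which entries are system-maintained.

```powershell
# Added example: list DNS zones whose dnsZone object exists in more than one
# AD storage location (DomainDnsZones, ForestDnsZones, or the domain partition).
# Read-only: nothing is modified or deleted.
Import-Module ActiveDirectory

$rootDse  = Get-ADRootDSE
$domainDn = $rootDse.defaultNamingContext      # e.g. DC=acme,DC=local
$forestDn = $rootDse.rootDomainNamingContext   # forest root domain DN

# The three places an AD-integrated zone can be stored.
$containers = @{
    'DomainDnsZones'     = "CN=MicrosoftDNS,DC=DomainDnsZones,$domainDn"
    'ForestDnsZones'     = "CN=MicrosoftDNS,DC=ForestDnsZones,$forestDn"
    'Domain (CN=System)' = "CN=MicrosoftDNS,CN=System,$domainDn"
}

$zones = foreach ($entry in $containers.GetEnumerator()) {
    try {
        Get-ADObject -SearchBase $entry.Value -SearchScope OneLevel `
                     -LDAPFilter '(objectClass=dnsZone)' `
                     -Properties whenCreated, whenChanged -ErrorAction Stop |
            # Assumption: these names are system entries, not real zone copies.
            Where-Object { $_.Name -ne 'RootDNSServers' -and $_.Name -notlike '..*' } |
            Select-Object @{ n = 'Zone';     e = { $_.Name } },
                          @{ n = 'Location'; e = { $entry.Key } },
                          whenCreated, whenChanged, DistinguishedName
    }
    catch {
        # The queried DC may not hold a replica of this partition.
        Write-Warning "Could not read $($entry.Value): $($_.Exception.Message)"
    }
}

# A zone name that appears under more than one location is a duplicate copy.
$duplicates = $zones | Group-Object Zone | Where-Object { $_.Count -gt 1 }

if (-not $duplicates) {
    Write-Output 'No zone is stored in more than one location.'
}
else {
    foreach ($dup in $duplicates) {
        # Oldest copy first; timestamps help tell a recent zone move from a stale copy.
        $dup.Group | Sort-Object whenCreated | Format-Table -AutoSize
    }
}
```

The `whenCreated` and `whenChanged` values help distinguish the transient case the event text mentions (a recent zone move still replicating) from two long-lived copies.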

Copyright 2012 ActiveDir.org