Recipe 13.7. Moving Active Directory-Integrated Zones into an Application Partition



This recipe requires the Windows Server 2003 domain functional level.


Problem

You want to move an Active Directory-integrated zone into an application partition to reduce unnecessary replication traffic to domain controllers that are not DNS Servers.

Solution

Using a graphical user interface

  1. From the Administrative Tools, open the DNS snap-in (dnsmgmt.msc).

  2. Connect to the DNS Server you want to modify. In the left pane, right-click on DNS and select Connect to DNS Server. Select The following computer and enter the target server name. Click OK.

  3. Expand the server in the left pane and expand either Forward Lookup Zones or Reverse Lookup Zones depending on the type of zone.

  4. Click on the name of the zone.

  5. Right-click on the zone and select Properties.

  6. Click on the Change button beside Replication.

  7. Select the application partition where you want to move the zone.

  8. Click OK and click OK again.

Using a command-line interface

The following command moves a zone to the default application partition that replicates to all domain controllers that are DNS Servers in the domain:

> dnscmd <ServerName> /zonechangedirectorypartition <ZoneName> /domain

The following command moves a zone into the application partition that replicates to all domain controllers in a forest that are DNS Servers:

> dnscmd <ServerName> /zonechangedirectorypartition <ZoneName> /forest
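An added example, not from the book: a PowerShell wrapper around dnscmd that audits a DNS Server for Active Directory-integrated zones still stored Windows 2000-style in the domain partition (shown as AD-Legacy storage by dnscmd /enumzones) and, only when asked, moves them with the same switch the recipe uses. The parameter names and the assumed /enumzones column layout (zone name, type, storage, properties) are my assumptions, not something the book documents.

```powershell
# Added example (not from the book): find AD-integrated zones that still
# replicate to every domain controller (AD-Legacy storage) and optionally
# move them into the domain- or forest-wide DNS application partition.
# Assumes dnscmd.exe is on the path and you hold DNS admin rights on the server.
param(
    [Parameter(Mandatory = $true)] [string] $ServerName,
    [ValidateSet('domain', 'forest')] [string] $Scope = 'domain',
    [switch] $Move   # without -Move the script only reports, it changes nothing
)

# Parse "dnscmd <server> /enumzones". Assumed column layout (as seen on
# Windows Server 2003): Zone name, Type, Storage, Properties. Storage is one
# of File, AD-Legacy, AD-Domain, AD-Forest, or a custom partition name.
function Get-ZoneStorage {
    param([string] $Server)
    $raw = & dnscmd $Server /enumzones 2>&1 | ForEach-Object { [string]$_ }
    if ($LASTEXITCODE -ne 0) { throw "dnscmd /enumzones failed on $Server`: $raw" }
    foreach ($line in $raw) {
        # Banner and header lines never have a zone type in the second column.
        if ($line -match '^\s*(\S+)\s+(Primary|Secondary|Stub|Cache|Forwarder)\s+(\S+)') {
            [pscustomobject]@{ Zone = $matches[1]; Type = $matches[2]; Storage = $matches[3] }
        }
    }
}

# Only primary AD-integrated zones in legacy (domain partition) storage matter here.
$legacy = Get-ZoneStorage -Server $ServerName |
    Where-Object { $_.Type -eq 'Primary' -and $_.Storage -eq 'AD-Legacy' }

if (-not $legacy) {
    Write-Host "No AD-integrated zones on $ServerName are still stored in the domain partition."
    return
}

foreach ($z in $legacy) {
    if ($Move) {
        Write-Host "Moving $($z.Zone) to the $Scope-wide DNS application partition..."
        & dnscmd $ServerName /zonechangedirectorypartition $z.Zone "/$Scope"
        if ($LASTEXITCODE -ne 0) { Write-Warning "Move failed for $($z.Zone) (exit $LASTEXITCODE)" }
    } else {
        Write-Host "$($z.Zone) replicates to every DC in its domain (AD-Legacy); rerun with -Move to change it."
    }
}
```

Run it once without -Move to see which zones would be affected, then with -Move (and -Scope forest for zones such as _msdcs that every domain needs) to perform the change.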

Using VBScript

At the time of publication of this book, the DNS WMI Provider did not support programmatically moving a zone into an application partition.

Discussion

With Windows 2000 Active Directory, Active Directory-integrated zones replicate to every domain controller in the domain in which they are stored. So if you have domain controllers that aren't acting as DNS Servers, which is often the case, those domain controllers still replicate the Active Directory-integrated zone data even though they never use it. This can be confusing and results in increased, unnecessary replication traffic whenever the zones change.

A domain controller serves as a DNS Server only if you explicitly install the DNS Server service. Just because a zone is Active Directory-integrated doesn't mean every domain controller acts as a DNS Server.


Windows Server 2003 provides an elegant solution to this issue by using application partitions. Application partitions are user-defined partitions that can be configured to replicate with any domain controller in a forest. This provides much more flexibility for how you store and replicate your Active Directory-integrated zones. You could, in fact, have a couple of domain controllers from each domain act as DNS Servers for all of your Active Directory domains and replicate DNS data only to them.

See Also

Recipe 13.6 and Chapter 17 of Active Directory Cookbook (O'Reilly)



Windows Server Cookbook
Windows Server Cookbook for Windows Server 2003 and Windows 2000
ISBN: 0596006330
Year: 2006
Pages: 380
Authors: Robbie Allen
