Recipe 13.7. Moving Active Directory-Integrated Zones into an Application Partition
Problem

You want to move an Active Directory-integrated zone into an application partition to reduce unnecessary replication traffic to domain controllers that are not DNS Servers.

Solution

Using a graphical user interface
Using a command-line interface

The following command moves a zone to the default application partition that replicates to all domain controllers that are DNS Servers in the domain:

> dnscmd <ServerName> /zonechangedirectorypartition <ZoneName> /domain

The following command moves a zone into the application partition that replicates to all domain controllers in a forest that are DNS Servers:

> dnscmd <ServerName> /zonechangedirectorypartition <ZoneName> /forest

Using VBScript

At the time of publication of this book, the DNS WMI Provider did not support programmatically moving a zone into an application partition.

Discussion

With Windows 2000 Active Directory, Active Directory-integrated zones replicate to every domain controller in the domain in which they are stored. So if you have domain controllers that aren't acting as DNS Servers, which is often the case, those domain controllers replicate the Active Directory-integrated zone data even though they don't really use it. This can be confusing, and it results in increased and unnecessary replication traffic whenever the zones change.
Windows Server 2003 provides an elegant solution to this issue by using application partitions. Application partitions are user-defined partitions that can be configured to replicate with any domain controller in a forest. This provides much more flexibility for how you store and replicate your Active Directory-integrated zones. You could, in fact, have a couple of domain controllers from each domain act as DNS Servers for all of your Active Directory domains and replicate DNS data only to them.

See Also

Recipe 13.6 and Chapter 17 of Active Directory Cookbook (O'Reilly)
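The command-line solution above, wrapped in a batch script that records where the zone is stored before the move and confirms the result afterward. This is an added example, not code from the book. The server and zone names are placeholders, and the script assumes that dnscmd sets a nonzero exit code when a command fails and that the /ZoneInfo output includes the zone's directory partition.

```batch
@echo off
rem Added example (not from the book). SERVER and ZONE are placeholder values.
setlocal
set SERVER=dc1.example.com
set ZONE=example.com

rem 1. List the directory partitions this DNS server knows about. The /domain
rem    target used in step 3 is the built-in DomainDnsZones partition, so it
rem    should appear here and the server should be enlisted in it.
dnscmd %SERVER% /EnumDirectoryPartitions
if errorlevel 1 (
    echo Could not enumerate directory partitions on %SERVER%.
    exit /b 1
)

rem 2. Record where the zone is stored today. Keep this output so the
rem    before and after locations can be compared.
echo ---- Zone location BEFORE the move ----
dnscmd %SERVER% /ZoneInfo %ZONE%
if errorlevel 1 (
    echo Zone %ZONE% was not found on %SERVER%.
    exit /b 1
)

rem 3. Move the zone to the partition that replicates only to the domain
rem    controllers in the domain that are DNS Servers. Replace /domain with
rem    /forest to target the forest-wide DNS partition (ForestDnsZones).
dnscmd %SERVER% /ZoneChangeDirectoryPartition %ZONE% /domain
if errorlevel 1 (
    echo The move failed. The zone remains in its original location.
    exit /b 1
)

rem 4. Confirm the zone now reports the new directory partition.
echo ---- Zone location AFTER the move ----
dnscmd %SERVER% /ZoneInfo %ZONE%

endlocal
```

Run it from a command prompt with rights to administer DNS on the target server, and compare the two /ZoneInfo listings to confirm that the zone's storage location changed.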