ServerWatch content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
Welcome to the 21st installment of “Learn Active Directory Design and Administration in 15 Minutes a Week,” a weekly series aimed at IT professionals preparing to write the new Windows Active Directory Design and Administration exams (70-219 and 70-217 respectively), as well as newcomers to the field who are trying to get a solid grasp on this new and emerging directory service from Microsoft.
This latest installment in Jason Zandri’s ‘Learn Active Directory Design and Administration in 15 Minutes a Week’ further examines DNS under Windows 2000 Server and how it relates to the support of Active Directory design.
This installment further examines DNS under Windows 2000 Server and how it relates to the support of Active Directory design.
[NOTES FROM THE FIELD] — I recently received e-mail asking how I am going to address in Active Directory articles the changes that have been implemented in Windows Server 2003. For the time being, the main course of these articles will continue to focus on the 70-217 and the 70-219 exams.
DNS Zone Overview
A DNS zone is a contiguous portion of the domain namespace for which a particular DNS server has authority to resolve DNS queries. DNS namespaces are almost always divided into zones that store name information about one or more DNS domains or portions of a DNS domain(s).
The Windows 2000 Active Directory domain structure contains three zone types.
The Standard Primary zone has a read/write version of the zone file that is stored in a standard text file. Any changes to the zone are recorded only in that file. Any other copies of that zone are Secondary zone copies and are read-only.
The Standard Secondary zone contains a read-only version of a Primary zone file stored in a standard text file. Any changes to the zone are performed on the Primary zone file and replicated to the Secondary zone file. To create a copy of an existing Primary zone and its zone file (which allows the DNS name resolution workload to be distributed among multiple DNS servers), you must create a Standard Secondary zone. Standard Secondary zones are also used when hosting DNS servers to implement load balancing and fault tolerance for DNS name resolution in your environment.
[NOTES FROM THE FIELD] — There is fault tolerance under the Standard Primary/Secondary model; when a single server becomes non-responsive or is altogether offline, name resolution will still occur because at least one other server is available to respond to queries. It’s possible, however, for the Standard Primary zone to become unavailable for any reason. The entire time that the DNS that hosts the Standard Primary zone is down, there will be no way for updates to be made to the zone, as the only read/write copy of the zone (Standard Primary) will be unavailable.
The Active Directory integrated zones store the DNS zone information in the Active Directory database rather than in a text file. Updates to the Active Directory integrated zone occur automatically during Active Directory replication. You do not need to manually configure DNS servers to specify update intervals, as Active Directory maintains the zone information and replicates the information based on its own replication schedule.
The Active Directory integrated option is not available in the Change Zone Type dialog box until Active Directory is implemented. If Active Directory is not present in the environment, the option will be grayed out in the New Zone Wizard and the Change Zone Type dialog box from the DNS MMC.
