From: C_Guy on 19 Dec 2009 18:50

Hi everyone;

I am studying for Exam 70-293 and I am having some trouble with DNS subdomains. I understand the concept but am not sure how to set them up properly on Windows Server 2003.

For instance, on a new server installation I can set up a new Forward Lookup Zone for "fabrikam.com" as a Primary standard zone. Let's say I want a subdomain "internal.fabrikam.com". I can either:

-Right-click on the fabrikam.com zone, choose New Domain... and type in "internal". This generates what looks like a subfolder under "fabrikam.com" called "internal"
OR
-I can right-click on "Forward Lookup Zones", choose new Zone -> Primary Zone and enter "internal.fabrikam.com". If I do this I get a new zone called "internal.fabrikam.com".

I can have 1 zone with a subdomain for "internal.fabrikam.com" or I can have two zones, one for "fabrikam.com" and one for "internal.fabrikam.com"... What is the difference and what would be considered the correct method?

Thanks to anyone for their insight :)

From: Lawrence Garvin [MVP] on 19 Dec 2009 20:33

"C_Guy" <CGuy(a)discussions.microsoft.com> wrote in message news:CEDDFB5E-D398-4A9C-95D7-DCC7FB731E8C(a)microsoft.com...

> For instance, on a new server installation I can set up a new Forward Lookup
> Zone for "fabrikam.com" as a Primary standard zone. Let's say I want a
> subdomain "internal.fabrikam.com". I can either:
>
> -Right-click on the fabrikam.com zone, choose New Domain... and type in
> "internal". This generates what looks like a subfolder under "fabrikam.com"
> called "internal"
> OR
> -I can right-click on "Forward Lookup Zones", choose new Zone -> Primary
> Zone and enter "internal.fabrikam.com". If I do this I get a new zone called
> "internal.fabrikam.com".
>
> I can have 1 zone with a subdomain for "internal.fabrikam.com" or I can have
> two zones, one for "fabrikam.com" and one for "internal.fabrikam.com"... What
> is the difference and what would be considered the correct method?

The distinction here is whether the subdomain will be managed as a separate *zone* or in the same zone as the primary domain. To fully grasp this distinction you'll need to understand the significance of the "zone" in the Domain Name System -- which is not a topic covered by the 70-293 exam, because it's generally not relevant in an AD-Integrated domain environment.

The short answer is that the issue of a zone is really only relevant to a FILE-based DNS environment. A "zone" is a container that represents a point of authority for the contents of that "zone". A zone is a physical manifestation of the logical concept of a domain (including subdomains). A single domain can be split into multiple zones -- though this is rarely done (thus granting authority over different segments of a single domain). A subdomain can be managed in the same zone as the parent domain -- typically done when a single authority is responsible for both domains, or a subdomain can be managed in a separate zone, usually done when the management for the subdomain will be delegated to a different authority.

For a great reference on all things DNS, and the original implementation via BIND, long before Microsoft reinvented the system (or tried to), look for the O'Reilly book titled "DNS and BIND" which is still considered to be the "bible" on DNS.

--
Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
Principal/CTO, Onsite Technology Solutions, Houston, Texas
Microsoft MVP - Software Distribution (2005-2009)

My Blog: http://onsitechsolutions.spaces.live.com
Microsoft WSUS Website: http://www.microsoft.com/wsus
My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
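
As an added illustration (not part of the thread, and not Windows DNS or BIND code), this Python sketch models how one authoritative server decides what it can answer under the two layouts discussed above: "internal" as a node inside the fabrikam.com zone, versus a delegated internal.fabrikam.com zone. The `lookup` helper, the host names and the addresses are constructed for the example.

```python
# Added example: zone data, names and addresses are constructed.

def in_domain(name, apex):
    """True if name equals apex or sits below it (label-wise suffix match)."""
    n = name.lower().rstrip(".").split(".")
    a = apex.lower().rstrip(".").split(".")
    return n[-len(a):] == a

def lookup(zones, qname):
    """Simplified view of one authoritative server holding `zones`
    ({apex: {owner: {rtype: [values]}}}). Returns (kind, zone_or_cut, data)."""
    qname = qname.lower().rstrip(".")
    apexes = [z for z in zones if in_domain(qname, z)]
    if not apexes:
        return ("not-authoritative", None, [])
    # The closest enclosing zone (longest apex) is the point of authority.
    apex = max(apexes, key=lambda z: z.count("."))
    records = zones[apex]
    # NS records below the apex mark a zone cut: authority is handed off there.
    for owner, rrsets in records.items():
        if owner != apex and "NS" in rrsets and in_domain(qname, owner):
            return ("referral", owner, rrsets["NS"])
    if "A" in records.get(qname, {}):
        return ("answer", apex, records[qname]["A"])
    return ("nxdomain", apex, [])

# Layout 1 ("New Domain..."): one zone, "internal" is only a node inside it.
SINGLE_ZONE = {"fabrikam.com": {
    "fabrikam.com": {"NS": ["ns1.fabrikam.com"]},
    "www.fabrikam.com": {"A": ["192.0.2.10"]},
    "app.internal.fabrikam.com": {"A": ["192.0.2.20"]},
}}
# Layout 2 ("New Zone..."), parent side: only the delegation lives here.
PARENT_ZONE = {"fabrikam.com": {
    "fabrikam.com": {"NS": ["ns1.fabrikam.com"]},
    "www.fabrikam.com": {"A": ["192.0.2.10"]},
    "internal.fabrikam.com": {"NS": ["ns1.internal.fabrikam.com"]},
}}
# Layout 2, child side: a separate zone with its own apex and authority.
CHILD_ZONE = {"internal.fabrikam.com": {
    "internal.fabrikam.com": {"NS": ["ns1.internal.fabrikam.com"]},
    "app.internal.fabrikam.com": {"A": ["192.0.2.20"]},
}}

if __name__ == "__main__":
    for label, zones in [("single", SINGLE_ZONE), ("parent", PARENT_ZONE), ("child", CHILD_ZONE)]:
        print(label, lookup(zones, "app.internal.fabrikam.com"))
```

When one server loads both the parent and the child zone, as in the second option in the question, the model answers from the child zone because it is the closest enclosing zone.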

From: C_Guy on 19 Dec 2009 21:05

Thanks Lawrence, that makes sense and answers my question. I appreciate your help :)