How do GC's register _MSDCS info in the DNS root from a ch..

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

If a child DC/GC is configured to resolve it's DNS via a DNS server in it's
child domain, you still get things like DC GUIDS and GC entries showing up in
the root DNS _MSDCS zone. I cannot see how this can be populated without
pointing the DC at the root DNS server as the primary DNS resolver. Does
anyone know how these records get registered, does AD do something clever
internally?

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Ewan expressed precisely :
> If a child DC/GC is configured to resolve it's DNS via a DNS server in it's
> child domain, you still get things like DC GUIDS and GC entries showing up in
> the root DNS _MSDCS zone. I cannot see how this can be populated without
> pointing the DC at the root DNS server as the primary DNS resolver. Does
> anyone know how these records get registered, does AD do something clever
> internally?

probably the dns zones are being replicated amongst them selves
so adding a new entry in a child domain automatically triggers an
update of the zone all around

grtz

--
This is an automatic signature of MesNews.
Site : http://www.mesnews.net

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

"" wrote:
> If a child DC/GC is configured to resolve it's DNS via a DNS
> server in it's
> child domain, you still get things like DC GUIDS and GC
> entries showing up in
> the root DNS _MSDCS zone. I cannot see how this can be
> populated without
> pointing the DC at the root DNS server as the primary DNS
> resolver. Does
> anyone know how these records get registered, does AD do
> something clever
> internally?

As the child DNS zone is delegated from the parent domain DNS servers
to the Child domain DNS servers, the child domain DNS servers are or
using internal root hints or forwarders.

Cheers,

--
Posted using the http://www.windowsforumz.com interface, at author's request
Articles individually checked for conformance to usenet standards
Topic URL: http://www.windowsforumz.com/Active-Directory-GC-register-_MSDCS-info-DNS-root-child-doma-ftopict553377.html
Visit Topic URL to contact author (reg. req'd). Report abuse: http://www.windowsforumz.com/eform.php?p=1755926

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

The DC/GC knows that it needs to register in that zone. It asks the DNS Server
it knows about for the SOA for that zone and goes directly to that server(s) and
registers.

--
Joe Richards Microsoft MVP Windows Server Directory Services
www.joeware.net


Ewan wrote:
> If a child DC/GC is configured to resolve it's DNS via a DNS server in it's
> child domain, you still get things like DC GUIDS and GC entries showing up in
> the root DNS _MSDCS zone. I cannot see how this can be populated without
> pointing the DC at the root DNS server as the primary DNS resolver. Does
> anyone know how these records get registered, does AD do something clever
> internally?

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Hi Joe,

Thanks for the response, my confusion though is that if the child DC points
to a child DNS zone for resolution the SOA for that zone will be a child DNS
server. However the child DC somehow knows the existance of the root zone
and a route to follow in order to register it's AD GUID in the _MSDCS zone on
a "root" DNS zone server? I don't see how it does this??

I'd be interested to hear if you have any ideas?

Cheers,
Ewan

"Joe Richards [MVP]" wrote:

> The DC/GC knows that it needs to register in that zone. It asks the DNS Server
> it knows about for the SOA for that zone and goes directly to that server(s) and
> registers.
>
> --
> Joe Richards Microsoft MVP Windows Server Directory Services
> www.joeware.net
>
>
> Ewan wrote:
> > If a child DC/GC is configured to resolve it's DNS via a DNS server in it's
> > child domain, you still get things like DC GUIDS and GC entries showing up in
> > the root DNS _MSDCS zone. I cannot see how this can be populated without
> > pointing the DC at the root DNS server as the primary DNS resolver. Does
> > anyone know how these records get registered, does AD do something clever
> > internally?
>

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

You point DCs to DNS servers, not zones. The fact that a server has its address
in a specific zone doesn't mean it can't ask that DNS Server for the SOA of
another zone.

All DCs know the root domain of the forest and from that can ascertain the root
DNS zone and ask for its SOA. Assuming the DNS server they are configured for
has knowledge of that zone (and with AD it better or else all sorts of things
will break say like Kerberos) it can tell the client where to go for that zone.

I would recommend purging all of the records for a DC in the various zones and
then using ipconfig to force a registration. When you do that, do a network
trace and watch the actual traffic, that should answer your questions.

joe

--
Joe Richards Microsoft MVP Windows Server Directory Services
www.joeware.net


Ewan wrote:
> Hi Joe,
>
> Thanks for the response, my confusion though is that if the child DC points
> to a child DNS zone for resolution the SOA for that zone will be a child DNS
> server. However the child DC somehow knows the existance of the root zone
> and a route to follow in order to register it's AD GUID in the _MSDCS zone on
> a "root" DNS zone server? I don't see how it does this??
>
> I'd be interested to hear if you have any ideas?
>
> Cheers,
> Ewan
>
> "Joe Richards [MVP]" wrote:
>
>
>>The DC/GC knows that it needs to register in that zone. It asks the DNS Server
>>it knows about for the SOA for that zone and goes directly to that server(s) and
>>registers.
>>
>>--
>>Joe Richards Microsoft MVP Windows Server Directory Services
>>www.joeware.net
>>
>>
>>Ewan wrote:
>>
>>>If a child DC/GC is configured to resolve it's DNS via a DNS server in it's
>>>child domain, you still get things like DC GUIDS and GC entries showing up in
>>>the root DNS _MSDCS zone. I cannot see how this can be populated without
>>>pointing the DC at the root DNS server as the primary DNS resolver. Does
>>>anyone know how these records get registered, does AD do something clever
>>>internally?
>>