Solved DNS And Ad integrated Zone

July 25, 2012 at 14:44:10
Specs: Windows 2008 server 64bit, 8
Hello,

I have seen a question for the MCITP that say you can only have the dynamic updates using the windows interface by verifying that the zone type is Active Directory Integrated.

As I understand it, Dynamic updates work in a parallele with the DHCP server. When it is set to "non secure and secure", a computer from outside the network could connect, on secure mode, only computers which are part of the domain can connect, am I correct?

Now what I do not understand is why do we need the zone type to be active directory integrated for it to work?

Could you please explain this to me?

Thank you,

Ben


See More: DNS And Ad integrated Zone

Report •


#1
July 26, 2012 at 00:04:48
Your premise is incorrect. Windows DNS correctly handles dynamic updates whether the zone is primary or AD integrated. But "secure" updates are only allowed (I believe) on AD integrated zones.

Report •

#2
July 26, 2012 at 01:28:06
Thank you iJack,

Yes this is what I meant about the "Secure" updates, my apology for the bad explanation.

Regards,

Ben


Report •

#3
July 26, 2012 at 03:15:52
✔ Best Answer
I would imagine that the reason is that a normal primary zone is just a text file and doesn't contain security descriptors (other than the permissions on the file itself). Objects in AD have security descriptors.

Report •

Related Solutions

#4
July 26, 2012 at 03:52:30
Thanks iJack!

Report •

Ask Question