PHWinfo - Afficher un message - missing information from forestdnszones / domaindnszones

29/07/2006, 22h28

Site A = Primary Zone
Site B & C = Secondary Zone

DNS is not installed on all DC's. Its installed on all but one. I'd
rather stick with the typical DNS until we've switched over to AD
Integrated, then switch DNS to be AD Integrated as well.

We only have one domain.

Ace Fekay [MVP] wrote:
> In news:1154033464.502281.29530@i3g2000cwc.googlegrou ps.com,
> eric.olson@gmail.com <eric.olson@gmail.com> stated, which I commented on
> below:
> > _msdcs, _sites, and _tcp are all correct. they each list all the sites
> > (which are also seen in ad sites and services).
> >
> > sitea = primary dns
> > siteb = secondary (would it be better to have a primary dns site in
> > each location, even though they're all in the same domain?)
> > sitec = secondary (would it be better to have a primary dns site in
> > each location, even though they're all in the same domain?)
> >
> > 'siteb' is listed in domaindnszones, however sitea and sitec aren't.
> >
> > sitea users = point to sitea dns.
> > siteb users = point to siteb dns, and a secondary of sitea
> > sitec users = point to sitec dns, and a secondary of sitea
> >
> > another thing i noticed (i have several users who have "permissions"
> > to change things) -- which i'm about to cut off -- is:
> >
> > in ad sites and services, under subnets:
> >
> > xxx.xxx.129.0/26
> > xxx.xxx.129.128/25
> > xxx.xxx.169.64/27
> > xxx.xxx.129.64/27
> > xxx.xxx.129.96/27
> > xxx.xxx.131.0/27
> > xxx.xxx.131.112/28
> > xxx.xxx.131.144/28
> > xxx.xxx.255.160/28
> > *i also have quite a few entries that are the same as the above but
> > with a bunch of jibberish at the end of the bitmask (for instance
> > {A)#%@#()%UBN&)!@B&P!b24ybdlabgysdgy82gb7628ls76d8 slds}. i think these
> > are either bad, or just incorrect, and have to be removed.*
> >
> > from what i understood it needed to be xxx.xxx.xxx.0/{bitmask}
> >
> > all of the xxx.xxx are the same. i just omitted the other octets so
> > i'm not publishing my ip addresses / ranges on the www.
> >
> > i tried 'netdiag /fix' but it's not available in windows 2003....
> > unless i was doing something wrong (like not running 'netdiag /fix'
> > from the dns server in question).
> >
> > thanks for all your guys!
>
> Those jibberish ones sound like duplicates or conflicts. Yes, delete them.
>
> You mentioned Primary and Secondary DNS. I'm not sure if this is skewed
> terminology or not. Do you mean Primary and Secondary zones? Are you saying
> DNS is not installed and running on domain controllers in those Sites?
>
> If DNS is installed on all domain controllers, and you have one domain, and
> you select the zone to be AD integrated, then the zone will auto populate on
> ALL DNS servers that are domain controllers. If you have multiple domains,
> only the ones in the ForestDnsZones partition will populate on ALL DC/DNS
> servers, but if any are in either the DomainNC (bottom button in zone
> properties), or the in DomainDnsZones, (middle button), they will replicate
> to only the DC/DNS in their own domain.
>
> If the zone is AD INtegrated, and you attempt to create a Secondary zone of
> one of these zones on another DC that is in the same replication scope
> context, then it will create an error and it will auto remove the zone.
>
> Does that make sense? Maybe a clarification please?
>
> Thanks,
> Ace

29/07/2006, 22h28	#6
eric.olson@gmail.com Messages: n/a Hébergeur:	Re: missing information from forestdnszones / domaindnszones Site A = Primary Zone Site B & C = Secondary Zone DNS is not installed on all DC's. Its installed on all but one. I'd rather stick with the typical DNS until we've switched over to AD Integrated, then switch DNS to be AD Integrated as well. We only have one domain. Ace Fekay [MVP] wrote: > In news:1154033464.502281.29530@i3g2000cwc.googlegrou ps.com, > eric.olson@gmail.com <eric.olson@gmail.com> stated, which I commented on > below: > > _msdcs, _sites, and _tcp are all correct. they each list all the sites > > (which are also seen in ad sites and services). > > > > sitea = primary dns > > siteb = secondary (would it be better to have a primary dns site in > > each location, even though they're all in the same domain?) > > sitec = secondary (would it be better to have a primary dns site in > > each location, even though they're all in the same domain?) > > > > 'siteb' is listed in domaindnszones, however sitea and sitec aren't. > > > > sitea users = point to sitea dns. > > siteb users = point to siteb dns, and a secondary of sitea > > sitec users = point to sitec dns, and a secondary of sitea > > > > another thing i noticed (i have several users who have "permissions" > > to change things) -- which i'm about to cut off -- is: > > > > in ad sites and services, under subnets: > > > > xxx.xxx.129.0/26 > > xxx.xxx.129.128/25 > > xxx.xxx.169.64/27 > > xxx.xxx.129.64/27 > > xxx.xxx.129.96/27 > > xxx.xxx.131.0/27 > > xxx.xxx.131.112/28 > > xxx.xxx.131.144/28 > > xxx.xxx.255.160/28 > > i also have quite a few entries that are the same as the above but > > with a bunch of jibberish at the end of the bitmask (for instance > > {A)#%@#()%UBN&)!@B&P!b24ybdlabgysdgy82gb7628ls76d8 slds}. i think these > > are either bad, or just incorrect, and have to be removed. > > > > from what i understood it needed to be xxx.xxx.xxx.0/{bitmask} > > > > all of the xxx.xxx are the same. i just omitted the other octets so > > i'm not publishing my ip addresses / ranges on the www. > > > > i tried 'netdiag /fix' but it's not available in windows 2003.... > > unless i was doing something wrong (like not running 'netdiag /fix' > > from the dns server in question). > > > > thanks for all your guys! > > Those jibberish ones sound like duplicates or conflicts. Yes, delete them. > > You mentioned Primary and Secondary DNS. I'm not sure if this is skewed > terminology or not. Do you mean Primary and Secondary zones? Are you saying > DNS is not installed and running on domain controllers in those Sites? > > If DNS is installed on all domain controllers, and you have one domain, and > you select the zone to be AD integrated, then the zone will auto populate on > ALL DNS servers that are domain controllers. If you have multiple domains, > only the ones in the ForestDnsZones partition will populate on ALL DC/DNS > servers, but if any are in either the DomainNC (bottom button in zone > properties), or the in DomainDnsZones, (middle button), they will replicate > to only the DC/DNS in their own domain. > > If the zone is AD INtegrated, and you attempt to create a Secondary zone of > one of these zones on another DC that is in the same replication scope > context, then it will create an error and it will auto remove the zone. > > Does that make sense? Maybe a clarification please? > > Thanks, > Ace