Hi,

Here is the scenario:
2 domains, A and B - A has AD-Integ DNS, B does not - both are in different
forests across a WAN link - people in B need resolution for names in A -
intent is to keep the traffic on the WAN link to a minimal level
Which option will work OR is best suited from a traffic perspective:
- Create a stub-zone in B for A's domain
- Conditional forwarding is setup in B for A
- Zone transfer between A and B (do not know if this is an option between
AD-I and non AD-I DNS domains)
- Any other option?

Any is appreciated.

In news:2488CEFA-3DB9-4A0A-AAFB-CB62221AF289@microsoft.com,
jatdesi <jatdesi@discussions.microsoft.com> typed:
> Hi,
>
> Here is the scenario:
> 2 domains, A and B - A has AD-Integ DNS, B does not - both are in
> different forests across a WAN link - people in B need resolution for
> names in A - intent is to keep the traffic on the WAN link to a
> minimal level
> Which option will work OR is best suited from a traffic perspective:
> - Create a stub-zone in B for A's domain
> - Conditional forwarding is setup in B for A
> - Zone transfer between A and B (do not know if this is an option
> between AD-I and non AD-I DNS domains)
> - Any other option?
>
> Any is appreciated.

You can do any of the ones you stated. Yes, zone transfers, if you allow
them, are possible between AD integrated zones. Keep in mind, AD integrated
zones are zones weith the zone data stored in the AD database and not a text
file. They still act like primary zones.

I myself like to use conditional forwarding in this scenario, especially if
there is some question of trust, etc, but you can use whatever you like to
make this work depending on your requirements. Others will say they like
strawberry, chocolate or vanilla, depending on their needs or requirements.

Ace

--
Regards,
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Directory Services
Microsoft Certified Trainer

Infinite Diversities in Infinite Combinations

Having difficulty reading or finding responses to your post?
Instead of the website you're using, try using OEx (Outlook Express
or any other newsreader), and configure a news account, pointing to
news.microsoft.com. Anonymous access. It's free - no username or password
required nor do you need a Newsgroup Usenet account with your ISP. It
connects directly to the Microsoft Public Newsgroups. OEx allows you
o easily find, track threads, cross-post, sort by date, poster's name,
watched threads or subject. It's easy:

How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164

"Quitting smoking is easy. I've done it a thousand times." - Mark Twain

First of all, thanks for your response! Secondly, I have now been made aware
of more details of this scenario: Both A and B have AD-I DNS. A is native
2003 and B is native 2000. This raises 2 questions:
- Does this change my options i.e. I thought that stub-zones AND conditional
fwding are possible only in 2003 native domains. So, from B, I really cannot
do any conditional fwding or create a stub-zone in B. Is this assumption
correct?

- Can I just add the DNS servers of B in the Zone Transfer tab for A (with
"Only to the following servers" option selected)? If so, does this pull in
all zone information from B and add it to the zone info of A? Or is it just
sending zone info for A to the specified servers of B (and A's zone is not
being modified by this option - kind of a one-way zone transfer)?

Thanks in advance!

"Ace Fekay [MVP]" wrote:

> In news:2488CEFA-3DB9-4A0A-AAFB-CB62221AF289@microsoft.com,
> jatdesi <jatdesi@discussions.microsoft.com> typed:
> > Hi,
> >
> > Here is the scenario:
> > 2 domains, A and B - A has AD-Integ DNS, B does not - both are in
> > different forests across a WAN link - people in B need resolution for
> > names in A - intent is to keep the traffic on the WAN link to a
> > minimal level
> > Which option will work OR is best suited from a traffic perspective:
> > - Create a stub-zone in B for A's domain
> > - Conditional forwarding is setup in B for A
> > - Zone transfer between A and B (do not know if this is an option
> > between AD-I and non AD-I DNS domains)
> > - Any other option?
> >
> > Any is appreciated.
>
> You can do any of the ones you stated. Yes, zone transfers, if you allow
> them, are possible between AD integrated zones. Keep in mind, AD integrated
> zones are zones weith the zone data stored in the AD database and not a text
> file. They still act like primary zones.
>
> I myself like to use conditional forwarding in this scenario, especially if
> there is some question of trust, etc, but you can use whatever you like to
> make this work depending on your requirements. Others will say they like
> strawberry, chocolate or vanilla, depending on their needs or requirements.
>
> Ace
>
> --
> Regards,
> Ace
>
> This posting is provided "AS-IS" with no warranties or guarantees and
> confers no rights.
>
> Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
> Microsoft MVP - Directory Services
> Microsoft Certified Trainer
>
> Infinite Diversities in Infinite Combinations
>
> Having difficulty reading or finding responses to your post?
> Instead of the website you're using, try using OEx (Outlook Express
> or any other newsreader), and configure a news account, pointing to
> news.microsoft.com. Anonymous access. It's free - no username or password
> required nor do you need a Newsgroup Usenet account with your ISP. It
> connects directly to the Microsoft Public Newsgroups. OEx allows you
> o easily find, track threads, cross-post, sort by date, poster's name,
> watched threads or subject. It's easy:
>
> How to Configure OEx for Internet News
> http://support.microsoft.com/?id=171164
>
> "Quitting smoking is easy. I've done it a thousand times." - Mark Twain
>
>
>

In news:BB374BA7-0C8A-4DAA-BD2E-06981CD0ED3D@microsoft.com,
jatdesi <jatdesi@discussions.microsoft.com> typed:
> First of all, thanks for your response! Secondly, I have now been
> made aware of more details of this scenario: Both A and B have AD-I
> DNS. A is native 2003 and B is native 2000. This raises 2 questions:
> - Does this change my options i.e. I thought that stub-zones AND
> conditional fwding are possible only in 2003 native domains. So,
> from B, I really cannot do any conditional fwding or create a
> stub-zone in B. Is this assumption correct?

Stubs are only a 2003 feature. Same with conditional forwarding. It may be
better to create a secondary zone between the two.

>
> - Can I just add the DNS servers of B in the Zone Transfer tab for A
> (with "Only to the following servers" option selected)? If so, does
> this pull in all zone information from B and add it to the zone info
> of A? Or is it just sending zone info for A to the specified servers
> of B (and A's zone is not being modified by this option - kind of a
> one-way zone transfer)?

Sure, you can, as suggested above.

>
> Thanks in advance!
>

No prob.

:-)

Ace