Tuesday, January 13, 2009

DNS Active Directory Domain Services (AD DS) Integration

DNS integration with Active Directory Domain Services (AD DS) provides a way to locate, organize and manage network resources.

How DNS integrates with AD DS:

Installing AD DS on a DNS server promotes that server to the role of a DNS domain controller for the specified domain.

The Active Directory Domain Services (AD DS) Advantages:

1. Active Directory Domain Services provides Active Directory replication and enhanced security.

In the general domain zone storage model, DNS updates follow a single-master update model: a single authoritative DNS server for a domain zone maintains the master copy of the zone in a local file. Updates from DNS clients for the zone are processed by that single authoritative DNS server. If this server is down or unavailable, DNS client update requests for the zone are not processed.

With Active Directory-integrated storage, however, dynamic updates from DNS clients for the domain zone can be sent to any AD DS-integrated DNS server. AD DS can be replicated on multiple DNS servers so that all of these DNS servers can act as domain controllers for the domain zone.

An AD DS domain also uses access control lists (ACLs) to control who can edit a DNS zone object in the directory tree. For example, the ACL for a domain zone resource record can be restricted so that dynamic updates are allowed only from specific DNS clients or from a secure group, such as a domain administrators group.

2. Automatic replication and synchronization of DNS domain zone information to new domain controllers.

The DNS Server service can be selectively removed from a domain controller without disturbing the domain zone information on each Active Directory domain controller.

3. A DNS zone with AD DS can streamline database replication planning.

4. AD replication for a DNS zone is much faster and more efficient than general standard DNS replication.

Note: Active Directory Domain Services (AD DS) for DNS is available with Windows Server 2003 and Windows Server 2008 but not in Windows 2000.
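The ACL-based restriction on dynamic updates described under advantage 1 can be checked on a running server. The following audit script is an added example, not part of the original post; it assumes the DnsServer and ActiveDirectory PowerShell modules, which ship with later Windows Server releases than the ones named above, and `$Server` is a hypothetical parameter.

```powershell
# Added example: report each primary zone's storage and dynamic-update mode,
# then list who holds write-type rights on AD-integrated zone objects.
Import-Module DnsServer, ActiveDirectory

# Hypothetical parameter: the DNS server / domain controller to audit.
$Server = $env:COMPUTERNAME

# Rights that let a principal add, change or re-permission records in a zone.
# GenericAll and GenericWrite contain these bits, so they are matched as well.
$writeMask = [System.DirectoryServices.ActiveDirectoryRights]'CreateChild, DeleteChild, WriteProperty, WriteDacl, WriteOwner'

$zones = Get-DnsServerZone -ComputerName $Server |
    Where-Object { $_.ZoneType -eq 'Primary' -and -not $_.IsAutoCreated }

foreach ($zone in $zones) {
    # File-backed zones cannot enforce ACLs on updates; AD-integrated zones
    # can, but only when the zone is set to secure-only updates.
    $finding = 'OK'
    if (-not $zone.IsDsIntegrated -and $zone.DynamicUpdate -ne 'None') {
        $finding = 'File-backed zone accepts dynamic updates without ACL checks'
    } elseif ($zone.DynamicUpdate -eq 'NonsecureAndSecure') {
        $finding = 'AD-integrated zone also accepts unauthenticated updates'
    }

    [pscustomobject]@{
        Zone          = $zone.ZoneName
        AdIntegrated  = $zone.IsDsIntegrated
        Replication   = $zone.ReplicationScope
        DynamicUpdate = $zone.DynamicUpdate
        Finding       = $finding
    }

    if ($zone.IsDsIntegrated) {
        # The zone is a directory object, so its ACL is readable through the AD: drive.
        $acl = Get-Acl -Path "AD:\$($zone.DistinguishedName)" -ErrorAction SilentlyContinue
        if ($acl) {
            $acl.Access |
                Where-Object { $_.AccessControlType -eq 'Allow' -and ($_.ActiveDirectoryRights -band $writeMask) } |
                Select-Object @{ n = 'Zone'; e = { $zone.ZoneName } },
                              IdentityReference, ActiveDirectoryRights, IsInherited
        }
    }
}
```

Broad principals such as Authenticated Users appearing with `CreateChild` on a zone mean any domain member can register new names there, which is worth reviewing against the restricted-group model the post describes.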

