«

Hi everyone;

I am studying for Exam 70-293 and I am having some trouble with DNS
subdomains. I understand the concept but am not sure how to set them up
properly on Windows Server 2003.

For instance, on a new server installation I can set up a new Forward Lookup
Zone for "fabrikam.com" as a Primary standard zone. Let's say I want a
subdomain "internal.fabrikam.com". I can either:

-Right-click on the fabrikam.com zone, choose New Domain... and type in
"internal". This generates what looks like a subfolder under "fabrikam.com"
called "internal"
OR
-I can right-click on "Forward Lookup Zones", choose new Zone -> Primary
Zone and enter "internal.fabrikam.com" If I do this I get a new zone called
"internal.fabrikam.com".

I can have 1 zone with a subdomain for "internal.fabrikam.com" or I can have
two zones, one for "fabrikam.com" and one for "internal.fabrikam.com"... What
is the difference and what would be considered the correct method?

Thanks to anyone for their insight

"C_Guy" <> wrote in message
news:CEDDFB5E-D398-4A9C-95D7-...

> For instance, on a new server installation I can set up a new Forward
> Lookup
> Zone for "fabrikam.com" as a Primary standard zone. Let's say I want a
> subdomain "internal.fabrikam.com". I can either:
>
> -Right-click on the fabrikam.com zone, choose New Domain... and type in
> "internal". This generates what looks like a subfolder under
> "fabrikam.com"
> called "internal"
> OR
> -I can right-click on "Forward Lookup Zones", choose new Zone -> Primary
> Zone and enter "internal.fabrikam.com" If I do this I get a new zone
> called
> "internal.fabrikam.com".
>
> I can have 1 zone with a subdomain for "internal.fabrikam.com" or I can
> have
> two zones, one for "fabrikam.com" and one for "internal.fabrikam.com"...
> What
> is the difference and what would be considered the correct method?

The distinction here is whether the subdomain will be managed as a separate
*zone* or in the same zone as the primary domain. To fully grasp this
distinction you'll need to understand the significance of the "zone" in the
Domain Name System -- which is not a topic covered by the 70-293 exam,
because it's generally not relevant in an AD-Integrated domain environment.

The short answer is that the issue of a zone is really only relevant to a
FILE-based DNS environment. A "zone" is a container that represents a point
of authority for the contents of that "zone". A zone is a physical
manifestation of the logical concept of a domain (including subdomains). A
single domain can be split into multiple zones -- though is rarely done
(thus granting authority over different segments of a single domain). A
subdomain can be managed in the same zone as the parent domain -- typically
done when a single authority is responsible for both domains, or a subdomain
can be managed in a separate zone, usually done when the management for the
subdomain will be delegated to a different authority.

For a great reference on all things DNS, and the original implementation via
BIND, long before Microsoft reinvented the system (or tried to), look for
the O'Reilly book titled "DNS and BIND" which is still considered to be the
"bible" on DNS.



--
Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
Principal/CTO, Onsite Technology Solutions, Houston, Texas
Microsoft MVP - Software Distribution (2005-2009)

My Blog: http://onsitechsolutions.spaces.live.com
Microsoft WSUS Website: http://www.microsoft.com/wsus
My MVP Profile: http://mvp.support.microsoft.com/pro...awrence.Garvin

Thanks Lawrence, that makes sense and answers my question. I appreciate your
help

"Lawrence Garvin [MVP]" wrote:

> "C_Guy" <> wrote in message
> news:CEDDFB5E-D398-4A9C-95D7-...
>
> > For instance, on a new server installation I can set up a new Forward
> > Lookup
> > Zone for "fabrikam.com" as a Primary standard zone. Let's say I want a
> > subdomain "internal.fabrikam.com". I can either:
> >
> > -Right-click on the fabrikam.com zone, choose New Domain... and type in
> > "internal". This generates what looks like a subfolder under
> > "fabrikam.com"
> > called "internal"
> > OR
> > -I can right-click on "Forward Lookup Zones", choose new Zone -> Primary
> > Zone and enter "internal.fabrikam.com" If I do this I get a new zone
> > called
> > "internal.fabrikam.com".
> >
> > I can have 1 zone with a subdomain for "internal.fabrikam.com" or I can
> > have
> > two zones, one for "fabrikam.com" and one for "internal.fabrikam.com"...
> > What
> > is the difference and what would be considered the correct method?
>
> The distinction here is whether the subdomain will be managed as a separate
> *zone* or in the same zone as the primary domain. To fully grasp this
> distinction you'll need to understand the significance of the "zone" in the
> Domain Name System -- which is not a topic covered by the 70-293 exam,
> because it's generally not relevant in an AD-Integrated domain environment.
>
> The short answer is that the issue of a zone is really only relevant to a
> FILE-based DNS environment. A "zone" is a container that represents a point
> of authority for the contents of that "zone". A zone is a physical
> manifestation of the logical concept of a domain (including subdomains). A
> single domain can be split into multiple zones -- though is rarely done
> (thus granting authority over different segments of a single domain). A
> subdomain can be managed in the same zone as the parent domain -- typically
> done when a single authority is responsible for both domains, or a subdomain
> can be managed in a separate zone, usually done when the management for the
> subdomain will be delegated to a different authority.
>
> For a great reference on all things DNS, and the original implementation via
> BIND, long before Microsoft reinvented the system (or tried to), look for
> the O'Reilly book titled "DNS and BIND" which is still considered to be the
> "bible" on DNS.
>
>
>
> --
> Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
> Principal/CTO, Onsite Technology Solutions, Houston, Texas
> Microsoft MVP - Software Distribution (2005-2009)
>
> My Blog: http://onsitechsolutions.spaces.live.com
> Microsoft WSUS Website: http://www.microsoft.com/wsus
> My MVP Profile: http://mvp.support.microsoft.com/pro...awrence.Garvin
>