Active Directory Integrated Conditional Forwarders

 
I took a look at another nice Server 2008 feature.
It has to do with DNS Conditional Forwarders.
In Server 2008 there is a separate node in DNS Manager to configure Conditional Forwarders
 
This isn’t only cosmetic, in Server 2000/2003 you had to configure the Forwarding in the DNS servers’s properties,
because they were also set at the level of the DNS server.
 
So in larger environments, if you wanted to configure Forwarding for a certain DNS domain, and you wanted to
do this on all DNS Servers, you had to do this for all the DNS servers separately.
Especially in companies with lots of branch offices, that used their local DNS server for name resolution, this could
be a (boring) job, inviting errors to occur and making configuration sort of decentralized.
 
Now with Server 2008, the Forwarders can be configured centrally and can be configured as ‘Active Directory’ integrated
What does this mean: well this means they are stored in Active Directory and you can configure a replication scope,
in the same way you can with AD Integrated DNS Zones, they can be replicated using following scopes:
– All DNS servers in this forest (through the ForestDNSZones Application Partition)
– All DNS servers in this domain (through the DomainDNSZones Application Partition)
-All Domain Controllers in this domain (for Windows 2000 compatibility), stored in the Domain Partition
– In a custom Application Partition of your liking, if you want to replicate only to certain Domain Controllers (that are probably your DNS servers)
 
Here’s a screenshot of the dialog used to configure Conditional Forwarders for a DNS Domain and the replication scope:
 
 
I think this is another nice feature that enhances DNS management and setup in larger Active Directories.
 
 
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s