What should you do?

Your company has a main office and two branch offices. Domain controllers in the main office host an Active Directory-integrated zone.
The DNS servers in the branch offices host a secondary zone for the domain and use the main office DNS servers as their DNS Master servers for the zone.
The company adds a new branch office. You add a member server named Branch3 and install the DNS Server server role on the server. You configure a secondary zone for the domain. The zone transfer fails.
You need to configure DNS to provide zone data to the DNS server in the new branch office.
What should you do?

Your company has a main office and two branch offices. Domain controllers in the main office host an Active Directory-integrated zone.
The DNS servers in the branch offices host a secondary zone for the domain and use the main office DNS servers as their DNS Master servers for the zone.
The company adds a new branch office. You add a member server named Branch3 and install the DNS Server server role on the server. You configure a secondary zone for the domain. The zone transfer fails.
You need to configure DNS to provide zone data to the DNS server in the new branch office.
What should you do?

A.
Run dnscmd by using the ZoneResetMasters option.

B.
Run dnscmd by using the ZoneResetSecondaries option.

C.
Add the new DNS server to the Zone Transfers tab on one of the DNS servers in the main office.

D.
Add the new DNS server to the DNSUpdateProxy Global security group in Active Directory Users and Computers.



Leave a Reply 2

Your email address will not be published. Required fields are marked *


na0k1

na0k1

Is “B” incorect?
If you add server3 address at the /securelist, you can it.

neopod

neopod

@ha0k1:

It would be nice if M$ would answer that, but I doubt they will. It appears that both would work. Kind of depends if you just want to add branch3 though or reset all of your secondary servers.

With zoneresetsecondaries, you would have to list all of your secondary servers again in the list. With the zone transfers tab you simply add the server you are missing. I would say that zone transfers tab would be the easier way to do it, but both would work.

If this question were changed and the main server were running server core, the answer would definitely be B.

If anyone doubts B as a possible solution:
http://dns-info.blogspot.com/2009/02/zoneresetsecondaries-using-dnscmd.html

so from the main server you would run:
dnscmd dnsserver /zoneresetsecondaries /securelist

Again, this is one question that would be really nice if M$ could clear up since both B and C are 100% correct.