What should you include in your plan?

Your network contains an Active Directory forest named contoso.com. You plan to deploy a new
child domain named branch.contoso.com. The child domain will contain two domain controllers.
Both domain controllers will have the DNS Server server role installed. All users and computers in
the branch office will be members of the branch.contoso.com domain. You need to plan the DNS
infrastructure for the child domain to meet the following requirements:
• Ensure resources in the root domain are accessible by fully qualified domain names.
• Ensure resources in the child domain are accessible by fully qualified domain names.
• Provide name resolution services in the event that a single server fails for a prolonged period
of time.
• Automatically recognize when new DNS servers are added to or removed from the
contoso.com domain.
What should you include in your plan?

Your network contains an Active Directory forest named contoso.com. You plan to deploy a new
child domain named branch.contoso.com. The child domain will contain two domain controllers.
Both domain controllers will have the DNS Server server role installed. All users and computers in
the branch office will be members of the branch.contoso.com domain. You need to plan the DNS
infrastructure for the child domain to meet the following requirements:
• Ensure resources in the root domain are accessible by fully qualified domain names.
• Ensure resources in the child domain are accessible by fully qualified domain names.
• Provide name resolution services in the event that a single server fails for a prolonged period
of time.
• Automatically recognize when new DNS servers are added to or removed from the
contoso.com domain.
What should you include in your plan?

A.
On both domain controllers, add a conditional forwarder for contoso.com and create a standard
primary zone for branch.contoso.com.

B.
On both domain controllers, modify the root hints to include the domain controllers for
contoso.com. On one domain controller, create an Active Directoryintegrated zone for
branch.contoso.com.

C.
On one domain controller create an Active Directoryintegrated zone for branch.contoso.com and
create an Active Directoryintegrated stub zone for contoso.com.

D.
On one domain controller, create a standard primary zone for contoso.com. On the other domain
controller, create a standard secondary zone for contoso.com.

Explanation:

http ://technet.microsoft.com/en-us/library/cc772101.aspx
http ://technet.microsoft.com/en-us/library/cc771898.aspx
Understanding DNS Zone Replication in Active Directory Domain Services
Applies To: Windows Server 2008, Windows Server 2008 R2
You can store Domain Name System (DNS) zones in the domain or application directory partitions of
Active Directory Domain Services (AD DS). A partition is a data structure in AD DS that distinguishes
data for different replication purposes. For more information, see Understanding Active Directory
Domain Services Integration.
The following table describes the available zone replication scopes for AD DS-integrated DNS zone
data.

When you decide which replication scope to choose, consider that the broader the replication scope,
the greater the network traffic caused by replication. For example, if you decide to have AD DSintegrated DNS zone data replicated to all DNS servers in the forest, this will produce greater
network traffic than replicating the DNS zone data to all DNS servers in a single AD DS domain in that
forest.
AD DS-integrated DNS zone data that is stored in an application directory partition is not replicated
to the global catalog for the forest The domain controller that contains the global catalog can also
host application directory partitions, but it will not replicate this data to its global catalog.
AD DS-integrated DNS zone data that is stored in a domain partition is replicated to all domain
controllers in its AD DS domain, and a portion of this data is stored in the global catalog. This setting
is used to support Windows 2000.
If an application directory partition’s replication scope replicates across AD DS sites, replication will
occur with the same intersite replication schedule as is used for domain partition data.
By default, the Net Logon service registers domain controller locator (Locator) DNS resource records
for the application directory partitions that are hosted on a domain controller in the same manner as
it registers domain controller locator (Locator) DNS resource records for the domain partition that is
hosted on a domain controller.
Primary zone
When a zone that this DNS server hosts is a primary zone, the DNS server is the primary source for
information about this zone, and it stores the master copy of zone data in a local file or in AD DS.
When the zone is stored in a file, by default the primary zone file is named rone_name.dns and it is
located in the %windir%\System32\Dns folder on the server.
Secondary zone
When a zone that this DNS server hosts is a secondary zone, this DNS server is a secondary source
for information about this zone. The zone at this server must be obtained from another remote DNS
server computer that also hosts the zone. This DNS server must have network access to the remote
DNS server that supplies this server with updated information about the zone. Because a secondary
zone is merely a copy of a primary zone that is hosted on another server, it cannot be stored in AD
DS.
Stub zone
When a zone that this DNS server hosts is a stub zone, this DNS server is a source only for
information about the authoritative name servers for this zone. The zone at this server must be

obtained from another DNS server that hosts the zone. This DNS server must have network access to
the remote DNS server to copy the authoritative name server information about the zone.
You can use stub zones to:
• Keep delegated zone information current. By updating a stub zone for one of its child zones
regularly, the DNS server that hosts both the parent zone and the stub zone will maintain a current
list of authoritative DNS servers for the child zone.
• Improve name resolution. Stub zones enable a DNS server to perform recursion using the stub
zone’s list of name servers, without having to query the Internet or an internal root server for the
DNS namespace.
• Simplify DNS administration. By using stub zones throughout your DNS infrastructure, you can
distribute a list of the authoritative DNS servers for a zone without using secondary zones. However,
stub zones do not serve the same purpose as secondary zones, and they are not an alternative for
enhancing redundancy and load sharing.
There are two lists of DNS servers involved in the loading and maintenance of a stub zone:
• The list of master servers from which the DNS server loads and updates a stub zone. A master
server may be a primary or secondary DNS server for the zone. In both cases, it will have a complete
list of the DNS servers for the zone.
• The list of the authoritative DNS servers for a zone. This list is contained in the stub zone using
name server (NS) resource records.
When a DNS server loads a stub zone, such as widgets.tailspintoys.com, it quenes the master
servers, which can be in different locations, for the necessary resource records of the authoritative
servers for the zone widgets.tailspintoys.com. The list of master servers may contain a single server
or multiple servers, and it can be changed anytime.



Leave a Reply 0

Your email address will not be published. Required fields are marked *