Using Active Directory integrated zones in Windows 2000 Server
Takeaway: Learn about zone files -- plain text records within your Windows 2000 DNS Server that allow for integrated redundancy and security across your system, including in Active Directory.
Domain Name System (DNS) servers save all resource records in a special file called a zone file. This is a plain-text file that can be edited with any text editor. In Windows 2000 these files are usually located in the %systemroot%\system32\dns directory and have a .dns extension.
Windows 2000 DNS zones that store records in these text files are called standard primary and standard secondary zones. The third zone type supported in Windows 2000 is the Active Directory (AD) integrated zone. The records of these zones are no longer saved in text files; instead, they are stored as objects in Active Directory.
The most obvious advantage of using AD integrated zones is redundancy: there's no single point of failure in the DNS design. With standard zones, only the standard primary server contains a writable copy of the zone file, which is then transferred to standard secondary servers. These servers hold read-only copies of the zone. Thus, if a standard primary server fails, you can't update DNS records until the server is back online or you promote some other server from secondary to primary. With Active Directory integrated zones, this cannot happen because all domain controllers in a domain hold the zone information and all can write to it. Also, the AD replication process takes care of DNS replication.
Another advantage of AD integrated zones is security. You can now turn on Secured Dynamic Updates and thus allow only authorized clients to update records in DNS. In addition, every resource record gets an ACL similar to the ACLs on files on NTFS partitions.
AD integrated zones aren't perfect, though. The biggest disadvantage can be performance degradation. Because all data is in AD, you can expect the rate of dynamic updates to decrease by a factor of two.
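As an added example (not part of the original article), the following PowerShell audit sorts zones by the two properties discussed above: where the zone is stored and whether it accepts only secured dynamic updates. It assumes the DnsServer module's Get-DnsServerZone cmdlet from later Windows Server releases, which postdates Windows 2000; the function name Get-ZoneUpdateRisk and the sample zones are constructed for illustration.

```powershell
# Added example: classify DNS zones by storage type and dynamic-update policy.
# Property names match Get-DnsServerZone output; Get-ZoneUpdateRisk is a
# hypothetical helper name.
function Get-ZoneUpdateRisk {
    param([Parameter(Mandatory, ValueFromPipeline)] $Zone)
    process {
        # Secure dynamic update is only available for zones stored in AD.
        $finding = if ($Zone.ZoneType -ne 'Primary') {
            'Read-only copy; updates are controlled on the primary'
        } elseif (-not $Zone.IsDsIntegrated) {
            if ($Zone.DynamicUpdate -eq 'None') {
                'File-backed primary: single writable copy, static records only'
            } else {
                'File-backed primary accepting unauthenticated dynamic updates'
            }
        } elseif ($Zone.DynamicUpdate -eq 'Secure') {
            'AD-integrated, secure dynamic updates only'
        } elseif ($Zone.DynamicUpdate -eq 'NonsecureAndSecure') {
            'AD-integrated but still accepts unauthenticated updates'
        } else {
            'AD-integrated, dynamic updates disabled'
        }
        [pscustomobject]@{
            ZoneName    = $Zone.ZoneName
            Finding     = $finding
            # Flag any writable zone that lets unauthenticated clients update records.
            NeedsReview = ($Zone.ZoneType -eq 'Primary' -and
                           $Zone.DynamicUpdate -eq 'NonsecureAndSecure')
        }
    }
}

# Constructed sample data shaped like Get-DnsServerZone output.
$sampleZones = @(
    [pscustomobject]@{ ZoneName = 'corp.example';    ZoneType = 'Primary';   IsDsIntegrated = $true;  DynamicUpdate = 'Secure' }
    [pscustomobject]@{ ZoneName = 'lab.example';     ZoneType = 'Primary';   IsDsIntegrated = $true;  DynamicUpdate = 'NonsecureAndSecure' }
    [pscustomobject]@{ ZoneName = 'legacy.example';  ZoneType = 'Primary';   IsDsIntegrated = $false; DynamicUpdate = 'NonsecureAndSecure' }
    [pscustomobject]@{ ZoneName = 'partner.example'; ZoneType = 'Secondary'; IsDsIntegrated = $false; DynamicUpdate = 'None' }
)
$sampleZones | Get-ZoneUpdateRisk | Format-Table -AutoSize

# On a DNS server with the DnsServer module installed:
#   Get-DnsServerZone | Get-ZoneUpdateRisk | Where-Object NeedsReview
```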
