sub domains

  • June 4, 2012 10:06

    How to extend two subdomains for two branch offices. They shall be given access to manage their own zones, but they will not be able to change settings in the DNS server. The domain is Active Directory integrated.

All replies

  • June 4, 2012 12:53

  • June 5, 2012 5:33

    > How to extend two subdomains for two branch offices. They shall be given access to manage their own zones, but they will not be able to change settings in the DNS server.

    I think you're asking how to create a child domain in Active Directory under your current forest root domain. And you're asking how to design DNS to handle name resolution between the root domain and the child domain, as well as the child domain having their own administrators. Is that correct? If so, the following should help:

    DNS Design Options in a Multi-Domain Forest - How to create a Parent-Child DNS Delegation, and How to Configure DNS to create a new Tree in the Forest
    Published by Ace Fekay, MCT, MVP DS on Oct 1, 2010 at 12:22 PM
    http://msmvps.com/blogs/acefekay/archive/2010/10/01/dns-parent-child-dns-delegation-how-to-create-a-dns-delegation.aspx

    > The domain is Active Directory integrated.

    You mean the "zone" is AD Integrated, which simply means the zone data is stored in the actual AD database, and not in a text file.


    Ace Fekay
    MVP, MCT, MCITP EA, MCTS Windows 2008/R2, Exchange 2007 & Exchange 2010, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services
    Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php

    This post is provided AS-IS with no warranties or guarantees and confers no rights.


  • June 6, 2012 6:47
    Moderator

    Hi aiti-2012,

    Thanks for posting here.

    > They shall be given access to manage their own zones, but they will not be able to change settings in the DNS server.

    We can set up the child domain by setting delegation, like what Ace and Ravikumar suggested. Each branch office will own their own DNS server, which hosts their child domain zone, for example branch1.contoso.local and branch2.contoso.local.

    How To Create a Child Domain in Active Directory and Delegate the DNS Namespace to the Child Domain

    http://support.microsoft.com/kb/255248/

    But it seems you are more interested in the permission settings, because you want them to manage the zones and the records in them but not the server settings. If I misunderstand, please let me know.

    If so, we can modify the ACL settings of the zone on the DNS server at the branch in order to grant permission to manage the zone, but not add them to the local DnsAdmins group. With these settings, local users can still access and manage their zone via RSAT but not log into this server host. Ace has proposed some good suggestions and links in the old thread below, and I think that will help us simplify the management affairs:

    http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/9316d54f-82d3-4d6c-98a5-1674c6a0a27b

    Thanks.

    Tiger Li


    TechNet Community Support
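
The zone-level ACL approach from the reply above, sketched in PowerShell as an added example (not code from the thread or from Microsoft). The group name `Branch1-DnsZoneAdmins`, the partition DN and the chosen set of rights are assumptions; the zone name is the one used in the post.

```powershell
# Added example, not from the thread. Assumptions: the zone is AD-integrated and
# stored in the partition named in $partition; the delegated group already
# exists; run with rights to edit the zone ACL on a host with the AD RSAT module.
Import-Module ActiveDirectory
Add-Type -AssemblyName System.DirectoryServices

$zoneName  = 'branch1.contoso.local'                   # from the post
$groupName = 'Branch1-DnsZoneAdmins'                   # hypothetical group
$partition = 'DC=DomainDnsZones,DC=contoso,DC=local'   # assumed partition
$zonePath  = "AD:\DC=$zoneName,CN=MicrosoftDNS,$partition"

$group = Get-ADGroup -Identity $groupName

# Zone delegates must not also be in DnsAdmins, which controls server settings.
$dnsAdminSids = Get-ADGroupMember -Identity 'DnsAdmins' -Recursive |
    ForEach-Object { $_.SID.Value }
$overlap = Get-ADGroupMember -Identity $groupName -Recursive |
    Where-Object { $dnsAdminSids -contains $_.SID.Value }
if ($overlap) {
    throw "Also in DnsAdmins: $($overlap.SamAccountName -join ', ')"
}

# Rights to read the zone and create, edit and remove records in it
# (assumed set; tighten to match local policy). Inheritance 'All' applies
# the entry to the zone object and the record objects beneath it.
$rights = [System.DirectoryServices.ActiveDirectoryRights]'GenericRead, GenericWrite, CreateChild, DeleteChild'
$rule = New-Object System.DirectoryServices.ActiveDirectoryAccessRule(
    $group.SID, $rights,
    [System.Security.AccessControl.AccessControlType]::Allow,
    [System.DirectoryServices.ActiveDirectorySecurityInheritance]::All)

$acl = Get-Acl -Path $zonePath
$acl.AddAccessRule($rule)
Set-Acl -Path $zonePath -AclObject $acl

# Review what the group now holds on the zone; keep this output for audit.
(Get-Acl -Path $zonePath).Access |
    Where-Object { $_.IdentityReference -like "*\$groupName" } |
    Format-Table IdentityReference, ActiveDirectoryRights, InheritanceType, IsInherited
```

Repeat with the second zone and its own group for branch2.contoso.local, so that each branch's delegates can edit only their own zone.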