none
can a DHCP server in a trusted domain, update secure only DNS in a trusting domain? RRS feed

  • Question

  • can a DHCP server in a trusted domain, update secure only DNS in a trusting domain?

    Would it be possible to add the DHCP server machine account in to the dnsupdateproxy group in the trusting domain? Would you also have dynamic update credentials in the trusted domain, and these would work when doing DNS updates in the trusting domain?

    The DNS server we want to update is in the trusting domain. The trusting domain has an outgoing forest trust(transitive), with the trusted domain.

    Tuesday, November 12, 2019 12:07 AM

Answers

  • Hi ,

    Did you mean that DHCP server in domain A, DNS server in domain B? Then you want DHCP in domain A write the A and PTR records regarding DomainB clients into DomainB DNS. Is it right? 

    Please feel free to let me know, if my understanding is wrong.

    >>Would it be possible to add the DHCP server machine account in to the dnsupdateproxy group in the trusting domain?

    The DNSUpdateProxy group can't add different domain's account due to it is a global group.

    If the DomainB's Client get the IP address from DHCP role installed on the DomainA. Then it will get the DomainA's DNS server, when DHCP/CLIENT register the DomainB's Client into the DNS of DomainA, it found there is one secondary zone for DomainB which cannot be reigstered.

    It would be better to have a DHCP server for each domain and separate the domains into different subnets by routers.

    Here is an similar thread discussed before, you might have a look:

    One DHCP for two different domains

    Best Regards,

    Candy



    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com   



    Tuesday, November 12, 2019 2:55 AM