Difficulty: Medium
Correct Answer: Configure at least two servers with Active Directory–integrated primary zones
Explanation:
Introduction / Context:
Windows 2000 introduced Active Directory–integrated (ADI) DNS zones, which store zone data in the directory. ADI zones are multi-master: any domain controller running DNS can accept updates and replicate them using AD replication, which is ideal for dynamic registrations and resilience.
Given Data / Assumptions:
Concept / Approach:
Configuring at least two DNS servers to host the zone as Active Directory–integrated yields multi-master update capability. Clients can register with either DNS server; changes replicate via AD. Standard primary/secondary is single-master, making updates dependent on the primary’s availability and introducing transfer lag. Multiple standard primaries for the same zone are invalid and cause conflicts.
Step-by-Step Solution:
1) Convert the domain’s forward lookup zone to AD-integrated on one DC.
2) Install DNS on at least one additional DC and also host the same zone as AD-integrated.
3) Verify dynamic updates are allowed (secure if desired).
4) Point client TCP/IP settings (and DCs) to both DNS servers for redundancy.
Verification / Alternative check:
Confirm that updates made on one DNS server appear on the other after AD replication; test client registrations (ipconfig /registerdns) and check that names still resolve when one server is offline.
Why Other Options Are Wrong:
Common Pitfalls:
Leaving DCs pointing only at themselves for DNS; not enabling secure dynamic updates; forgetting reverse lookup zones for PTR registration.
Final Answer:
Configure at least two servers with Active Directory–integrated primary zones