Tag Archive: Forwarders


Best practices for DNS forwarding:

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc754941%28v%3dws.10%29

https://www.petri.com/best-practices-for-dns-forwarding

To create a conditional forwarder zone in powershell:

read this reference doc: https://docs.microsoft.com/en-us/powershell/module/dnsserver/add-dnsserverconditionalforwarderzone?view=win10-ps

Examples:

To create a conditional forwarder zone (stored in the registry of the DNS Server):

Add-DnsServerConditionalForwarderZone -Name “contoso.com” -MasterServers 2001:4898:7020:f100:458f:e6a2:fcaf:698c,172.23.90.124 -PassThru

ZoneName                            ZoneType        IsAutoCreated   IsDsIntegrated  IsReverseLookupZone  IsSigned

——–                            ——–        ————-   ————–  ——————-  ——–

contoso.com                         Forwarder       False           False           False

 

This command creates an Active Directory-integrated conditional forwarder zone for contoso.com:

Add-DnsServerConditionalForwarderZone -Name “contoso.com” -ReplicationScope “Forest” -MasterServers 2001:4898:7020:f100:458f:e6a2:fcaf:698c,172.23.90.124

 

To change an existing conditional forwarder zone, use the cmdlet:

Set-DnsServerConditionalForwarderZone

Advertisements

what’s new in DNS on Windows 2012 server ? http://technet.microsoft.com/en-us/library/hh831667.aspx

understanding DNS ? http://technet.microsoft.com/library/cc732997(WS.10).aspx

How works DNS queries and processes/interactions/dynamic updates… : http://technet.microsoft.com/en-us/library/dd197552(v=ws.10).aspx

How to access DNS application partition (AD-integrated-DNS zone) with adsiedit.msc:

from adsiedit,  Connect to the partition:  Dc=domainDnszones,dc=mydom,dc=domain,dc=net

Then expand to go to mydom.domain.net

You can find all the DNS records,

Select the CN=MYCOMPUTER1 for instance, right-click properties, edit attributes

Check the attribute value “whenChanged” you have the real time when the DNS record has been modified (real timestamp !)