I’m new at this work, so a lot of things here were the work of formers admins, a few of them very rare, like this one:
– Two domain controllers, both are GC, and both are DNS servers.
– Although they are on different physical sites, I dont need to put them logically on different sites (bandwith is not an issue). So they are there just for redundancy.
I was yesterday checking a problem for some guy at it security dept, that they surfcontrol filter doesn’t like our dns server or is having some problems. I went down to check my dns servers and indeed I found something rare: both of them where pointing to each for name resolution, like:
DC1 ip dns server ->DC2
DC2 ip dns server ->DC1
What I always did every time I got to do a new forest/domain (and thought it was a best practice) was to point the DC to itself for name resolution, and if it where to resolve outside address, configure fowarding.
well I put everything like I liked, but when I got to the DNS console on both domain controllers I saw what you can see on the attachment. I always saw that folder with the _MSDCS records **inside** of the AD zone, not outside. what do you think about it, should I be worry about this?? as a sidenote, I also must point that I cannot ping the name of the domain, I mean the netbios name, i.e. the domain is fulano.com I cant ping fulano
Thanks for looking
You must be logged in to reply to this topic.
Create a free account today to participate in forum conversations, comment on posts and more.