Coming Soon: GET-IT: Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET Coming Soon: GET-IT: Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET

Server 2016 DNS Policies

Home Forums Microsoft Networking and Management Services DNS Server 2016 DNS Policies

Viewing 1 post (of 1 total)
  • Author

  • Craig_Han


    We have 5 sites with one 2016 DNS Server (integrated via Active Directory) in each site (so 5 DNS servers in total) . We have a main primary zone “” and there is approx 50 A records in it. I would like the A record “” to resolve to a different IP address for each site. I have implemented a DNS policy at site 1 to test. The policy looks like this:

    Add-DnsServerClientSubnet -Name “Site1_Subnet” -IPv4Subnet “”
    Add-DnsServerZoneScope -ZoneName “” -Name “Site1_Zone_Scope”
    Add-DnsServerResourceRecord -ZoneName “” -A -Name “service” -IPv4Address “” -ZoneScope “Site1_Zone_Scope”
    Add-DnsServerQueryResolutionPolicy -Name “Site1_Policy” -Action ALLOW -ClientSubnet “eq,Site1_Subnet” -ZoneScope “Site1_Zone_Scope,1” -ZoneName “”

    From a client PC on the subnet pointing to the DNS server with the policy, “” resolves to the local address, which is what i want.


    The issue i have is the other 50 A records for the zone do not resolve from that client PC. I know why, because the zone scope only has the one A record which i created….. but is there a way i can get the client to resolve the other A records from the main zone which is AD integrated as well? I dont want to have to maintain 5 x local zone scopes for all A records in the original domain.



Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

Live Webinar: Active Directory Security: What Needs Immediate Priority!Live on Tuesday, October 12th at 1 PM ET

Attacks on Active Directory are at an all-time high. Companies that are not taking heed are being punished, both monetarily and with loss of production.

In this webinar, you will learn:

  • How to prioritize vulnerability management
  • What attackers are leveraging to breach organizations
  • Where Active Directory security needs immediate attention
  • Overall strategy to secure your environment and keep it secured

Sponsored by: