Coming Soon: GET-IT: Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET Coming Soon: GET-IT: Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET

Server 2016 DNS Policies

Home Forums Microsoft Networking and Management Services DNS Server 2016 DNS Policies

Viewing 1 post (of 1 total)
  • Author
    Posts

  • Craig_Han
    Member
    #167512

    Hi,

    We have 5 sites with one 2016 DNS Server (integrated via Active Directory) in each site (so 5 DNS servers in total) . We have a main primary zone “xyz.com” and there is approx 50 A records in it. I would like the A record “service.xyz.com” to resolve to a different IP address for each site. I have implemented a DNS policy at site 1 to test. The policy looks like this:

    Add-DnsServerClientSubnet -Name “Site1_Subnet” -IPv4Subnet “192.168.1.0/24”
    Add-DnsServerZoneScope -ZoneName “xyz.com” -Name “Site1_Zone_Scope”
    Add-DnsServerResourceRecord -ZoneName “xyz.com” -A -Name “service” -IPv4Address “192.168.1.10” -ZoneScope “Site1_Zone_Scope”
    Add-DnsServerQueryResolutionPolicy -Name “Site1_Policy” -Action ALLOW -ClientSubnet “eq,Site1_Subnet” -ZoneScope “Site1_Zone_Scope,1” -ZoneName “xyz.com”

    From a client PC on the 192.168.1.0/24 subnet pointing to the DNS server with the policy, “service.xyz.com” resolves to the local address 192.168.1.10, which is what i want.

    BUT

    The issue i have is the other 50 A records for the xyz.com zone do not resolve from that client PC. I know why, because the zone scope only has the one A record which i created….. but is there a way i can get the client to resolve the other xyz.com A records from the main zone which is AD integrated as well? I dont want to have to maintain 5 x local zone scopes for all A records in the original xyz.com.au domain.

    Cheers

    Craig

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

Live Webinar: Active Directory Security: What Needs Immediate Priority!Live on Tuesday, October 12th at 1 PM ET

Attacks on Active Directory are at an all-time high. Companies that are not taking heed are being punished, both monetarily and with loss of production.

In this webinar, you will learn:

  • How to prioritize vulnerability management
  • What attackers are leveraging to breach organizations
  • Where Active Directory security needs immediate attention
  • Overall strategy to secure your environment and keep it secured

Sponsored by: