Changing a Zone to Active Directory-Integrated
An Active Directory-integrated zone is a DNS zone stored in Active Directory. Storing a zone in Active Directory has the following benefits:
- Fault tolerance - If you have multiple domain controllers, the zone information is backed up to multiple domain controllers.
- Security - Settings in the AD discretionary access control list (DACL) specify the users and groups that can modify the DNS zone.
- Zones are multimaster - A zone can be updated in more than one location.
- Efficient replication - Zone transfers are replaced by more efficient Active Directory replication, because Active Directory compresses replication data that passes between sites.
- Secondary zones - The zone can be transferred to secondary servers to create secondary zones.
Active Directory-Integrated Zones can be replicated three different ways:
- To all domain controllers in the domain (This is the same as Windows 2000)
- To all domain controllers that are DNS servers in the local domain
- To all domain controllers that are also DNS servers in the entire forest
Windows Server 2003/2008
1. Open DNS Management Console. Expand Forward Lookup Zones. Right-click Domain and select Properties
2. Click Change
3. Select Primary Zone, check Store the zone in Active Directory, and click OK
4. Click Yes
5. Notice the Type changes to Active Directory-Integrated. Click Apply and OK
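
The same change can be scripted with `dnscmd`, which also lets you pick one of the three replication scopes listed above. This script is an added example, not part of the original article; the zone name `example.com` and the scope labels `Legacy`, `DomainDns` and `ForestDns` are placeholders chosen here.

```powershell
# Added example: convert a standard primary zone to Active Directory-integrated
# and set its replication scope. Run elevated on a domain controller that is
# also the DNS server hosting the zone.
param(
    [string]$ZoneName = 'example.com',  # placeholder zone name (assumption)
    [string]$Scope    = 'DomainDns'     # Legacy | DomainDns | ForestDns (labels invented for this example)
)

# Map the three replication choices to dnscmd directory-partition switches.
$partitionSwitch = @{
    'Legacy'    = '/legacy'  # all domain controllers in the domain (same as Windows 2000)
    'DomainDns' = '/domain'  # domain controllers that are DNS servers in the local domain
    'ForestDns' = '/forest'  # domain controllers that are DNS servers in the entire forest
}
if (-not $partitionSwitch.ContainsKey($Scope)) {
    throw "Scope must be one of: Legacy, DomainDns, ForestDns"
}

function Invoke-Dnscmd([string[]]$Arguments) {
    # Run dnscmd against the local server, echo its output, stop on failure.
    $output = & dnscmd.exe $Arguments 2>&1
    $output | ForEach-Object { Write-Host $_ }
    if ($LASTEXITCODE -ne 0) {
        throw "dnscmd $($Arguments -join ' ') failed with exit code $LASTEXITCODE"
    }
}

# 1. Record the current zone settings (also confirms the zone exists).
Invoke-Dnscmd '/ZoneInfo', $ZoneName

# 2. Equivalent of "Primary Zone" + "Store the zone in Active Directory".
Invoke-Dnscmd '/ZoneResetType', $ZoneName, '/DsPrimary'

# 3. Choose which domain controllers receive the zone.
Invoke-Dnscmd '/ZoneChangeDirectoryPartition', $ZoneName, $partitionSwitch[$Scope]

# 4. Show the settings again so the change can be verified.
Invoke-Dnscmd '/ZoneInfo', $ZoneName
```

Compare the two `/ZoneInfo` listings to confirm the zone is now stored in the directory and in the intended partition.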