Microsoft windows 2000 DNS manual Integrating ADS with Existing DNS Structure

In the picture above, a machine with the MyComputer Host name is joined to the MyCompany.com. AD domain. Its primary DNS suffix is also set by default to MyCompany.com.

The first adapter, which is being used for public access, is configured with the example1.com. DNS suffix. The second adapter, which is used exclusively for backups, has the example2.com. DNS suffix. The machine, therefore, can be accessed publicly through the first adapter using the MyComputer.example1.com. DNS name. For backup purposes the same machine can be accessed through the second adapter using the MyComputer.example2.com. DNS name.

Integrating ADS with Existing DNS Structure

In order for a DNS server to be able to support the Active Directory it is required to support the SRV records and it is recommended to support the dynamic updates, as described in the RFC 2136.

When integrating ADS into an existing DNS infrastructure, the decision needs to be made whether the Active Directory namespace will join, or overlap the existing DNS namespace.

If there is no overlap, you can delegate a new Windows 2000 DNS namespace from the existing DNS structure. When a DNS namespace is delegated off an existing DNS tree, the DNS server that owns the zone file for the newly delegated namespace, and becomes the primary master for that namespace. The DNS zone name, that has been delegated, should correspond to the ADS root domain. This approach is not required, but recommended if you want to use the benefits of the Windows 2000 DNS server. You may continue using the existing DNS server without delegating the Active Directory namespace as long as current DNS servers support the SRV records and the dynamic updates.

If the overlap is inevitable, then the approach you should take depends on whether the existing DNS tree is implemented using Windows NT 4.0 DNS, or a non- Microsoft product.

Windows 2000 White Paper

57