Thanks Ace, that helps a lot. We will have only one root domain (XYZ.com)
and no child domains, so if it is no problem to have all nodes on one zone
then that makes it all less complicated!
"Ace Fekay [MVP]"
<PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> wrote in
message news:uCvNfBP5FHA.332@TK2MSFTNGP10.phx.gbl...
> In news:ObGEFvG5FHA.1248@TK2MSFTNGP14.phx.gbl,
> Tom <none@none.com> made this post, which I then commented about below:
>> Hello. We're planning AD rollout next week and are having a tough
>> time deciding how to design DNS. We have three sites, each with
>> their own subnet. Our Nashville site has about 900 PCs, Omaha has 13
>> PCs and Philly has about 25. In testing, we tried setting up
>> multiple zones, one for each site (nash.xyz.com, omaha.xyz.com, etc)
>> but we were then unable to resolve from a PC in one zone to one in
>> another zone. How do we resolve across zones? With only 13 and 25
>> in the other sites, is there even a need to create separate zones for
>> them? If having 938 PCs in one zone is okay, it would be prefeable
>> to have them all in one zone.
>> Thanks,
>>
>> Tom
>
> Tom, my first question is do you want child domains at each location? If
> so, I can understand why the need for the child zones, otherwise, if there
> is only one AD domain for your company (even though you have multiple
> sites), then the need for the child zones are not needed, therefore just
> the one zone, (using the example zone name you posted), "xyz.com".
>
> I suggest to put a DC/GC in those sites for your domain, and create AD
> Sites to eliminate WAN authentication/logon traffic, which would isolate
> that sort of traffic just to those DCs in their respective sites. I also
> suggest make the 'xyz.com' zone AD integrated and install DNS on these
> servers at the remote locations. If all the DCs are Win2003, I would store
> it in the DomainDnsZones app partition (the middle button under the
> replication scope button in the zone's properties). If Win2000, just make
> it AD Integrated.
>
> I hope that helps.
>
> --
> Ace
>
> This posting is provided "AS-IS" with no warranties or guarantees and
> confers no rights.
>
> If this post is viewed at a non-Microsoft community website, and you were
> to respond to it through that community's website, I may not see your
> reply unless that website posts replies back to the original Microsoft
> forum. Therefore, please direct all replies ONLY to the Microsoft public
> newsgroup this thread originated in so all can benefit or ensure the web
> community posts it back to the original forum.
>
> Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
> Microsoft MVP - Windows Server Directory Services
> Microsoft Certified Trainer
> Infinite Diversities in Infinite Combinations.
> =================================
>
>
>
>