Your company is running Active Directory, but its internal DNS is running on a U

Question

Your company is running Active Directory, but its internal DNS is running on a UNIX server. Your boss is a long-time UNIX guy, so he refused to allow the Microsoft DNS implementation when Active Directory was implemented. He still doesn’t want to switch your company’s DNS from BIND to Microsoft DNS. It’s time to convince him. Write your recommendation for switching the company’s internal DNS from a BIND zone to an Active Directory-integrated zone on Microsoft Server 2012. (You don’t need to learn about BIND for this.) Explain all the benefits of using an Active Directory-integrated zone in an Active Directory environment. You can focus on its management features, security enhancements, or anything else that you think will convince him.

Explanation / Answer

The advantages of using AD-Integrated zone are :

1.    Replication :

AD-Integrated zone is made an exact copy using Active Directory replication. Because Active Directory can compress replication of data between sites to replicate data securely, efficiently.

DNS replication is fast, so it can work over slow links also without any interruption.

2.    Redundancy : AD-integrated zones provide redundancy of data between zones so there does not have any chances to failure in DNS design.

Otherwise, In case of standard primary zone which can hold as read/write i.e writeable copy of a file in the zone which is transferred to secondary zones using BIND DNS instead of ADI zones in Microsoft DNS where the servers can hold read-only copy of the zone.

If server hosting primary zone is getting failed then DNS data files can’t be updated until the server is updated to online or secondary server is upgraded to primary server. Whereas in case of AD-integrated zones, all Directory contents can be written on zone and there is no chance to any failure.

3.    Security : The secure dynamic update is enabled for the authorized clients who can update their data files in DNS zone that is opposite to the updated proxy data.

When DNS and Active Directory are integrated, the Active Directory-integrated zones are replicated and stored on any new domain controllers automatically. Synchronization takes place automatically when new domain controllers are deployed.

4. In case of ADI zone a new domain controller is updated automatically without configuring transfer between zones. So there is a need to manage Active Directory domains and DNS name spaces as separate entities which is no longer required. As a result it reduces administrative pressure.

5. Location wise, AD sites can be configured to control replication which are at a distant geographically and Synchronization is taken place automatically when a new deployment of   domain controllers are established. AD-integrated zones as well as the AD database with all their replications are being controlled.

All these are the  benefits of using an Active Directory-integrated zone in an Active Directory environment which is more advantageous to use BIND DNS.

Related Questions

Navigate

• Browse (All)
• Browse Y
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.