We have a split horizon setup on our network, and we have 2 separate DNS setups:
Domain: cloud.xyz.com
cloudad1.cloud.xyz.com with of course AD integrated DNS (Server 2008 R2)
and
ns1.xyz.com non-AD integrated, not in the domain
ns2.xyz.com non-AD integrated, not in the domain, both Windows 2008 R2
At the moment NS1 and NS2 do recursive queries and are public facing. This of course is not best practice and we want to reorganise our name servers to correct this.
We want to add another domain controller to the network but I've run into an issue.
The registrar authoritative DNS server for the domain xyz.com is NS1.
I have set up a Server 2012 with AD and DNS called clouadad2.cloud.xyz.com, and joined it to the domain cloud.xyz.com.
When I try to promote it to a DC I get the message:
A delegation for this DNS server can not be created because the
authoritive parent zone cannot be found or does not run Windows
DNS server. If you are integrating with an existing DNS infrastructure,
you should manually create a delegation to this DNS server in the
parent zone to ensure reliable name resolution from outside the
domain "cloud.xyz.com". Otherwise no action is required.
The parent zone xyz.com is on NS1, not in the domain. To delegate I have to delete the zone, but I can't do that as I need it there for public name resolution.
Clearly I am misunderstanding something?