I was wondering if DNS servers that our clients use in Active Directory (AD) need to be authoritative for the zones they're operating in. We've noticed that some of the DNS servers listed in our clients' resolvers are not authoritative. Also, do these servers need to handle dynamic updates directly, or is it acceptable for them to just forward those update requests? Thanks for your insights!
2 Answers
Ideally, you want your DNS servers to be both recursive and authoritative. A simple forwarder that just points to your domain controllers isn't going to cut it if you want to manage updates effectively.
No, DNS servers don’t necessarily have to be authoritative. They can function as recursive servers to provide answers. Just keep in mind that if they don’t support dynamic updates, that feature won’t work properly if updates are rejected. Also, if you're using a non-authoritative server, it won’t hurt anything as long as it can resolve queries correctly.
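One way to check which of the resolvers handed to clients actually answer authoritatively for the AD zone is to send each a non-recursive SOA query and read the AA and RA header flags of the reply. This is an added example, not part of the answers above; the sample packets are constructed headers, and `probe` assumes the server is reachable on UDP port 53.

```python
import socket
import struct

SOA = 6  # DNS record type: Start of Authority

def build_soa_query(zone, txid=0x1234, recursion_desired=False):
    """Build a DNS SOA query for `zone` in RFC 1035 wire format."""
    flags = 0x0100 if recursion_desired else 0x0000  # RD bit
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in zone.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", SOA, 1)  # QTYPE=SOA, QCLASS=IN

def classify(response):
    """Read the header flags of a DNS response and describe the server's role."""
    if len(response) < 12:
        raise ValueError("truncated DNS header")
    _, flags, _, ancount, _, _ = struct.unpack("!HHHHHH", response[:12])
    if not flags & 0x8000:
        raise ValueError("not a response (QR bit clear)")
    aa = bool(flags & 0x0400)  # Authoritative Answer
    ra = bool(flags & 0x0080)  # Recursion Available
    rcode = flags & 0x000F
    if rcode == 0 and aa and ancount:
        role = "authoritative"
    elif ra:
        role = "recursive-only"
    else:
        role = "neither"
    return {"aa": aa, "ra": ra, "rcode": rcode, "answers": ancount, "role": role}

def probe(server, zone, timeout=2.0):
    """Send the non-recursive SOA query to one resolver over UDP port 53."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_soa_query(zone), (server, 53))
        return classify(s.recv(4096))

# Constructed sample headers (not captured traffic); only the 12-byte header is parsed.
SAMPLE_AUTHORITATIVE = struct.pack("!HHHHHH", 0x1234, 0x8480, 1, 1, 0, 0)  # QR+AA+RA
SAMPLE_FORWARDER = struct.pack("!HHHHHH", 0x1234, 0x8085, 1, 0, 0, 0)  # QR+RA, REFUSED

if __name__ == "__main__":
    for name, pkt in [("dc-sample", SAMPLE_AUTHORITATIVE),
                      ("fwd-sample", SAMPLE_FORWARDER)]:
        print(name, classify(pkt))
```

Run `probe()` against each address in the clients' resolver list with the AD zone name to see which servers set AA for that zone.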
