Prev Question
Next Question

Your network contains two servers named Server1 and Server2. Both servers run Windows Server 2012 R2
and have the DNS Server server role installed.
On Server1, you create a standard primary zone named contoso.com.
You need to ensure that Server2 can host a secondary zone for contoso.com.
What should you do from Server1?

A. Add Server2 as a name server.

B. Create a trust anchor named Server2.

C. Convert contoso.com to an Active Directory-integrated zone.

D. Create a zone delegation that points to Server2.

Explanation:
Typically, adding a secondary DNS server to a zone involves three steps:
On the primary DNS server, add the prospective secondary DNS server to the list of name servers that
are authoritative for the zone.
On the primary DNS server, verify that the transfer settings for the zone permit the zone to be
transferred to the prospective secondary DNS server.
On the prospective secondary DNS server, add the zone as a secondary zone.
You must add a new Name Server. To add a name server to the list of authoritative servers for the zone,
you must specify both the server’s IP address and its DNS name. When entering names, click Resolve to
resolve the name to its IP address prior to adding it to the list.
Secondary zones cannot be AD-integrated under any circumstances.
You want to be sure Server2 can host, you do not want to delegate a zone.
Secondary Domain Name System (DNS) servers help provide load balancing and fault tolerance.
Secondary DNS servers maintain a read-only copy of zone data that is transferred periodically from the
primary DNS server for the zone. You can configure DNS clients to query secondary DNS servers instead
of (or in addition to) the primary DNS server for a zone, reducing demand on the primary server and
ensuring that DNS queries for the zone will be answered even if the primary server is not available.
How-To: Configure a secondary DNS Server in Windows Server 2012
We need to tell our primary DNS that it is ok for this secondary DNS to pull information from it. Otherwise
replication will fail and you will get this big red X.

What should you do from Server1? 1

Head over to your primary DNS server, launch DNS manager, expand Forward Lookup Zones, navigate to
your primary DNS zone, right-click on it and go to Properties.

What should you do from Server1? 2

Go to “Zone Transfers” tab, by default, for security reasons, the “Allow zone transfers: ” is un- checked to
protect your DNS information. We need to allow zone transfers, if you value your DNS records, you do not
want to select “To any server” but make sure you click on “Only to servers listed on the Name Servers tab”.

What should you do from Server1? 3

Head over to the “Name Servers” tab, click Add.

What should you do from Server1? 4

You will get “New Name Server Record” window, type in the name of your secondary DNS server. it is
always better to validate by name not IP address to avoid future problems in case your IP addresses
change. Once done, click OK.

What should you do from Server1? 5

You will see your secondary DNS server is now added to your name servers selection, click OK.

What should you do from Server1? 6

Now if you head back to your secondary DNS server and refresh, the big red X will go away and your
primary zone data will populate.

What should you do from Server1? 7

Your secondary DNS is fully setup now. You cannot make any DNS changes from your secondary DNS.
Secondary DNS is a read-only DNS, Any DNS changes have to be done from the primary DNS.
References:
http://technet.microsoft.com/en-us/library/cc816885(v=ws.10).aspx
http://technet.microsoft.com/en-us/library/cc816814(v=ws.10).aspx
http://technet.microsoft.com/en-us/library/cc770984.aspx
http://technet.microsoft.com/en-us/library/cc753500.aspx
http://technet.microsoft.com/en-us/library/cc771640(v=ws.10).aspx
http://technet.microsoft.com/en-us/library/ee649280(v=ws.10).aspx

Prev Question
Next Question

Leave a Reply

Your email address will not be published. Required fields are marked *