Dynamic DNS registration via slave server


Recently, while planning a DR, I experimented with dynamic registration of DNS records for AD via an intermediary DNS server. Originally the intermediary DNS server was simply a forwarder, but was ultimately re-configured as a secondary that forwarded updates. The final thing that was done to allow AD dynamic DNS updates was to re-configure the SOA record to be the DNS slave (that was forwarding updates).

The lab configuration was three VMs where VM 1 shared a network with VM 2 which also shared a network with VM 3 (VM 1 and 3 could not communicate with each other in any way). Originally all three VMs were running Windows 2003 with VMs 1 and 2 having Microsoft DNS server installed. Unfortunately Microsoft DNS server would not forward the dynamic updates to the master DNS server. Once the slave DNS server was replaced with BIND (which could be run on Windows), dynamic DNS forwarding was enabled, and everything worked.
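
A sketch of what the slave zone on the BIND server could look like, as an added example and not the configuration from the lab. The zone name, host names, file name and addresses are placeholders, and the mapping of VM 1 as master and VM 3 as the registering host is an assumption.

```conf
// named.conf fragment for the intermediary (slave) server, assumed to be VM 2.
// Every name and address below is a placeholder.

// Hosts allowed to hand dynamic updates to this server. Keep this list as
// narrow as possible: the master sees forwarded updates arriving from the
// slave's address, so an address-based update ACL on the master cannot
// tell the original senders apart. This ACL is the effective gate.
acl "update-clients" {
    198.51.100.20;            // registering AD host (assumed to be VM 3)
};

zone "ad.example.test" {
    type slave;               // newer BIND 9 releases also accept "secondary"
    masters { 192.0.2.10; };  // master DNS server (assumed to be VM 1)
    file "ad.example.test.db";

    // The default is { none; }, which makes the slave refuse updates.
    // With an ACL here, updates from matching hosts are relayed to the master.
    allow-update-forwarding { "update-clients"; };

    // Only the master should be able to trigger a zone refresh.
    allow-notify { 192.0.2.10; };
};

// On the master, the zone's SOA record names the slave as primary name
// server (MNAME), because that is where clients send their updates:
//
//   @ IN SOA ns-slave.ad.example.test. hostmaster.ad.example.test. ( ... )
```

The master must accept updates from the slave's address for this to work, so anything the slave is willing to forward is trusted by the master. An `allow-update-forwarding { any; };` setting would open the zone to every host that can reach the slave.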