Creating a Secondary Zones

**In this Video we will: **

• Describe Secondary Zones
• Explain why you would deploy a Secondary Zone
• Then we will utilize what we have learned and create a Secondary Zone.
• And finally, we will test the Zone
• At the end of this lecture you will have a thorough understanding of Secondary Zones
• You will know how to create, configure and test your Secondary Zone

**Prerequisites: You must have access to or have installed in your lab the following: **

• One Windows 2016 Server with Active Directory installed and promoted to a domain controller (DNS installs automatically).
• One member server with Windows 2016 server and DNS installed. This server must be joined to the domain. (Join this machine to the domain just like you would any other computer)** **
• Or two VM’s, one configured as a Domain Controller and one configured as a member server.** **

**Adequate****Permissions **will be needed.

• To configure a DNS server that is not running as domain controller, you must be a member of the Administrators group for that computer.
• To configure a DNS server that is running on a domain controller, you must be a member of the DNS Administrators, Domain Administrators, or Enterprise Administrators group

**Describe a Secondary Zone **

• It is a read only copy of a primary Zone
• Changes cannot be made directly on the secondary server, only on the Master that holds the zone.
• A secondary zone can be a copy of an Active Directory integrated zone.
• Cannot be stored in Active Directory
• In order for the secondary server to receive a copy of the zone, the master zone must be configured to allow zone transfers.
• Secondary zones are supported on non-Microsoft DNS, will work with Linux and Unix.

**Why would you Deploy Secondary Zones? **

• Enhances redundancy
• If the server hosting the Primary copy is unavailable, this server will be available for use by the clients in its…