A corporate network includes a single Active Directory Domain Services (AD DS) domain.
The domain contains 10 domain controllers.
The domain controllers run Windows Server 2008 R2 and are configured as DNS servers.
You plan to create an Active Directory-integrated zone.
You need to ensure that the new zone is replicated to only four of the domain controllers.
What should you do first?
A. Use the ntdsutil tool to modify the DS behavior for the domain.
B. Use the ntdsutil tool to add a naming context.
C. Create a new delegation in the ForestDnsZones application directory partition.
D. Use the dnscmd tool with the /zoneadd parameter.
Correct Answer: B
Explanation/Reference:
Practically the same question as A/Q50 and D/Q25, different set of answers.
To control which servers get a copy of the zone we have to store the zone in an application directory partition. That application directory partition must be created before we create the zone, otherwise it won’t work. So that’s what we have to do first. Directory partitions are also called naming contexts and we can create one using ntdsutil.
Here I tried to create a zone with dnscmd /zoneadd. It failed because the directory partition I wanted to use did not exist yet. To fix that I used ntdsutil to create the directory partition dc=venomous,dc=contoso,dc=com. Note that after creating it a new naming context had been added.
Then, after a minute or two, I tried to create the new zone again, and this time it worked.
Reference 1:
http://technet.microsoft.com/en-us/library/cc725739.aspx
Store Data in an AD DS Application Partition
You can store Domain Name System (DNS) zones in the domain or application directory partitions of Active Directory Domain Services (AD DS). An application directory partition is a data structure in AD DS that distinguishes data for different replication purposes. When you store a DNS zone in an application directory partition, you can control the zone replication scope by controlling the replication scope of the application directory partition.
Reference 2:
http://technet.microsoft.com/en-us/library/cc730970.aspx
partition management
Manages directory partitions for Active Directory Domain Services (AD DS) or Active Directory Lightweight Directory Services (AD LDS).
This is a subcommand of Ntdsutil and Dsmgmt.
Examples
To create an application directory partition named AppPartition in the contoso.com domain, complete the following steps:
1. To open an elevated Command Prompt window, click Start, point to All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator.
2. Type: ntdsutil
3. Type: Ac in ntds
4. Type: partition management
5. Type: connections
6. Type: Connect to server DC_Name
7. Type: quit
8. Type: list
The following partitions will be listed:
0 CN=Configuration,DC=Contoso,DC=com
1 DC=Contoso,DC=com
2 CN=Schema,CN=Configuration,DC=Contoso,DC=com
3 DC=DomainDnsZones,DC=Contoso,DC=com
4 DC=ForestDnsZones,DC=Contoso,DC=com
9. At the partition management prompt, type: create nc dc=AppPartition,dc=contoso,dc=com ConDc1.contoso.com
10. Run the list command again to refresh the list of partitions.